Whitehatters Computer Security Club

# More Windows Wednesday, CSAW Reviews Thurs. and Fri.

[ Author: brad_d ] [ Date: 09/20/2016 ]
 
Thank you to everyone who came out last weekend for the CSAW Quals! The competition is over, but the challenge board is still available if you want to practice or follow along with some writeups: https://ctf.csaw.io/
 
Writeups for the challenges we solved will be going up on our GitHub repo over the next few days: https://github.com/WCSC/writeups
 
If you have a writeup to contribute please let me know and I'll give you write permissions on GitHub.
 

Wednesday: Wendesday at 6PM we'll be covering more Windows material. Make sure you're running the Windows 10 VM that was posted in the #ccdc channel. If you have any trouble setting it up please let us know on #ccdc. 

Thursday: 6:30 PM in ISA 5021 we'll be reviewing some of the more difficult challenges from CSAW Quals.
 
Friday: 5:00 PM in ISA 5021 we'll be going over some of the more beginner-friendly challenges that we solved at CSAW last weekend. Afterwards we'll be heading to Dunderbaks for food and drinks.
 
TUM CTF: Next Friday 9/30 at 12 noon TUM CTF kicks off. We encourage everyone to play. If you don't have much CTF experience go ahead and ask on Slack and we can provide you with plenty of good CTF training resources.
 

# CSAW CTF Quals Friday!

[ Author: brad_d ] [ Date: 09/14/2016 ]
Wednesday: At 6PM in ISA 5021 we'll be diving into Windows. Please bring a laptop with a Windows 10 Professional VM installed and ready to go. 
 
Thursday: 6:30 PM in ISA 5021, we'll be going over some CTF challenges. If  you want to get some practice in before CSAW Quals this is a good chance. 
 
Friday: 5 PM in ISA 5021 we'll be competing in the NYU CSAW CTF Qualification round. The competition begins at Friday 6 PM and ends at 6 PM Sunday 9/18. We'll be in the lab all weekend playing. 
 
To play in the CTF make sure you're in the private #ctf channel on Slack (message me or another officer for access). 
 
We encourage people of all experience levels you to come out and play. This is a collaborative effort so the more heads we have tackling challenges the better we'll do. Come out even if you just want to shoulder-surf. 
 
 

# Three Real Meetings This Week

[ Author: brad_d ] [ Date: 09/07/2016 ]
Thank you to everyone who still participated in the Thursday and Friday meetings online last week even though the campus was closed. 
 
Wednesday: 6 PM in ISA 5021, we'll be covering the basics of networking. No matter what topics you're interested, this will be an important meeting. Networking basics are essential to being able to administer any kind of system. Bring a laptop. 
 
Thursday: 6:30 PM in ISA 5021. We're going to have our first in-person meeting of the 0x28 CTF team in this room. Xan will be around this week so he'll be leading us though some past CTF challenges to see what we can learn from them. 
 
Friday: 5:00 PM in ISA 5021. I'll be giving a presentation on getting around firewalls with DNS tunnels. I'll go over some of the common security measures that are put in place in organizations to stop data exfiltration and the circumvension of security policies. Afterwards the crew will be heading out for drinks at Dunderbaks. 
 
CSAW Quals: CSAW Quals start September 16th. If you've never played a CTF before you're welcome to join. It's a good idea to review some of last years CSAW Quals writeups here: https://github.com/ctfs/write-ups-2015/tree/master/csaw-ctf-2015. There are plenty more CSAW writeups from other years available as well. 
 
--
Brad Daniels
WCSC Secretary

# Meetings Wednesday, Thursday, and Friday of this Week

[ Author: brad_d ] [ Date: 08/30/2016 ]

Hi Whitehatters, 

 
Thank you to everyone who showed up to our Intro meeting last Friday. There were at least 80 of you in attendence which is more than I've ever seen at a Whitehatter's meeting. 
 
If you liked what you heard and want to know how to get more involved check out our New Members guide here: http://www.wcsc.usf.edu/noobs
 
If you're new run through OverTheWire.org's Bandit challenge. It'll teach you a lot of the basic UNIX CLI tools you'll need to play in CTF competitions. http://overthewire.org/wargames/bandit/
 
 
Wednesday: At 6:00 PM in ISA 5021 we'll be having our first Practical Security meeting of the semester. Wednesdays will feature hands-on guidance in securing and administering Windows and Linux systems with several Whitehatter veterans and alumni standing by to offer support. If you want to learn real world skills in network security that you can add to your resume, come out to Wednesday and get involved. 
 
Thursday:  6:30 PM in ISA 5021 will be our first ever CTF training meeting. This meeting is designed to strengthen our CTF skills by solving CTF challenges together as a team. This will not be as beginner friendly as Wednesday and Friday, but anyone is welcome to come out and participate. Bring some Linux. Nullp0inter just compiled an Ubuntu 14.04 ISO with a lot of hacking tools pre-installed. If something is broken be sure to pester him on Slack. Download here and check it out: https://drive.google.com/file/d/0B-r6ID_je1xmZU1wYk02Rk1HV0U/view
 
Friday: This Friday at 5:00 PM in ISA 5021 nullp0inter will be giving a talk on basic buffer overflows. If you're new to CTFs it will be a great talk that will provide you with a good starting point in binary exploitation. Bring some Linux or at least a C compiler to follow along. Afterwards we'll be heading out for drinks, which is a great way to get to know everyone in the club. 
 
IceCTF: The competition is over, but the challenges are still up if you want to practice. It's a great CTF with challenges for all skill levels. If you get really stuck, check out our write-ups on GitHub, but please, try your best to do it on your own, you'll learn a lot more.
 
 
Slack / IRC: Our main communication channel is Slack. If you haven't been added to the wcscusf Slack team, send me an email. Also check out our IRC channel, #wcsc on irc.hackint.org. We now have an IRC client on our web site here: http://www.wcsc.usf.edu/irc. More info on Hackint is here: https://hackint.org/
 
--
Brad Daniels
WCSC Secretary
 

# First Meeting

[ Author: Xan ] [ Date: 08/27/2016 ]

Thanks for everyone who attended our first meeting. We had such a great turnout with over 70 people. For our new members we hope you found it interesting and we will see you next week! Dont forget to subscribe to the calander and to our mailing list.

Here are the slides from yesterday.

https://drive.google.com/open?id=10cP7pK9eKjivz2W6xTzjFlYGWwoiu_hAXR2FM7DN_r8

Also if your interested the ICEctf still has its challenges up and writeups are out. This is a good intro ctf and if you have time you should take a look at it.

https://icec.tf/

 

Xan

# Welcome Back. First Meeting August 26th

[ Author: brad_d ] [ Date: 08/24/2016 ]

It's been an exciting summer for the Whitehatters. The two summer camp programs we put on with FC2, GenCyber and PreCollege Cyber Defense Boot Camp, went very well. It's looking good that both of those programs will be happening again next year. The camps provided us with the means to cover airfare, hotel, and registration for Whitehatters to attend DEF CON 24 in Las Vegas. Thank you to all those who helped out.

 
Meetings: Our first meeting of the semester will be held this Friday August 26th at 5 PM in ISA 5021. Club President Kris (Xan) will introduce the club to new members, and talk about our plans for the semester.
 
Wednesday and Thursday meetings will commence next week. 
 
Recruitment: The club is trying hard to step up our recruitment efforts this semester. We've appointed Fidel (cookieman08) as the club's Head of Recruitment. If you have any ideas or questions about recruiting new members or getting the word out about our club, please contact him on Slack.
 
Website: The website and the Google calendar have been updated recently. We produced a short guide for new members on how to get involved in the club which is available here: http://www.wcsc.usf.edu/noobs
 
Slack: Slack is now our primary communication channel. We've reorganized some things, mainly that the #ctf channel is now private to keep out rival CTF teams. If you're not on our Slack team, or not in the #ctf channel, please contact me. 
 
IceCTF: Several of our members have been playing the IceCTF lately. It's a really fun CTF with tons of challenges for all skill-levels. It ends Friday at noon. You can get started at https://play.icec.tf/, but be sure to check out #ctf on Slack to play with the rest of the Whitehatters.
 
Other WCSC Resources: 
WCSC CTF challenges: mynameisg.us
Twitter: @whitehatters
 
--
Brad Daniels
WCSC Secretary
 

# [Fall 2016]

[ Author: Xan ] [ Date: 08/22/2016 ]

New Members Fall 2016

# No Meetings This Week

[ Author: brad_d ] [ Date: 08/09/2016 ]
Thanks to all of you who helped out with GenCyber and Precollege and got your free trip to DEFCON. Everyone was really impressed with how it turned out.
 
Since we're all recovering from DEFCON and getting ready to start the semester, we are not having any meetings this week. Stay tuned to the mailing list and Slack for updates on when the next meeting will be. 
 

# Whitehatter's DEFCON Meetup!

[ Author: brad_d ] [ Date: 07/21/2016 ]
What: Defcon meet-up for WCSC members, alumni, and friends 
When: Thursday, August 4 at 9 PM 
Where: Hofbräuhaus Las Vegas, 4510 Paradise Road.
 
We have reserved a table for 25.
 
Let's talk CGC, CTF, CVE, and any other related acronyms. CYA there.
 
Jeremy R.

# No Whitehatters Meetings Till August 10th

[ Author: brad_d ] [ Date: 07/18/2016 ]
Due to our involvement in GenCyber and PreCollege, and the subsequent trip to DEFCON in Las Vegas, we will not be holding any meetings until August 10th. 
 
Enjoy the rest of your summer break! 
 
 

# Lots of Cool Presentations, WiFi Wednesday

[ Author: brad_d ] [ Date: 03/17/2016 ]

CTF: Boston Key Party is coming up March 4th through 6th. https://ctftime.org/event/252

 
Wednesday Meeting: Tomorrow at 6PM we will be meeting in ISA 5021 to go over Wi-Fi security. Please bring a Kali install and a Wi-Fi card that supports monitor mode to join in on the fun. 
 
Friday Meeting: Our flagship meeting is at 5PM every Friday in ISA 5021. 
 
Below is our tentative presentation schedule: 
 
2/26: brad_d, Windows authentication
3/4: nullp0inter, buffer overflow
3/11: ReliaQuest, Cybercrime and Blackhat hackers
 
If you want to present at Whitehatter's please send me an email with your topic idea and any date restrictions. 
 
You don't have to be a hacking prodigy to present. If you're working on something cool, or want to learn something new, preparing a presentation is a great way to sharpen your understanding on a topic. You can review past presentations on our GitHub. 
 
-brad_d
jbdaniels@mail.usf.edu
 

# Meeting tonight at 6PM, Malware talk on Friday

[ Author: brad_d ] [ Date: 02/17/2016 ]

Blue Team Wednesday: Today at 6PM in ISA5021, we're going to be reviewing our performance at SECCDC Quals. We'll be going over what we could have done better during the competition, and the future direction of the Wednesday meetings. We'll be discussing the summer pre-college program, and opportunities for an expenses-paid trip to DEFCON 2016. 

 
0x28 Council: WCSC is restarting the 0x28 Council. The council is a group of club members who play a more active role in the club. Council members will be expected to contribute more to the club, but in return, have a greater voice in club decisions, and greater involvement in special projects and work opportunities. More details on the 0x28 council will be discussed today at the Wednesday meeting, and again at the Friday meeting. 
 
Expo: Tomorrow at 5PM we will be meeting up in the ISA5021 lab to go over our plans for the USF Engineering Expo. This is a great opportunity to get more active in Whitehatters. To get involved, please message nullp0inter on Slack or IRC, or email him at ian@whitehatters.org.
 
Friday Meeting: This Friday at 5PM in ISA 5021, we will hold our regular Friday meeting. Xan will be giving a talk on Malware Analysis that you should not miss. Afterwards, we'll head to Dunderbaks for drinks and food. 
 
Keeping in Touch:  Our main IRC channel is #wcsc on irc.hackint.org:9999. Please use SSL. Much of the chatting has moved to Slack now. If you haven't been added to the WCSC Slack please email Xan at kris@whitehatters.org
 
Other WCSC Resources: 
 
WCSC CTF challenges: mynameisg.us
Twitter: @whitehatters

# Blue Team Tomorrow, Last Meeting of the Semester on Friday

[ Author: brad_d ] [ Date: 12/01/2015 ]

 

Watch this 2010 short doc about the Whitehatters! https://www.youtube.com/watch?v=TvmaCNJnSZ8 

Wednesday Blue Team: Tomorrow night at 6 PM in CIS 1035 we will be having our next Blue Team meeting. If you want to get practical hands on experience administering and securing Linux and Windows systems, come join us! It's never too late to get involved. 
 
Friday Meeting: This Friday, Dec. 4th at 5 PM in CUTr 202 we will be having our last regular WCSC meeting of the semester. Cybersecurity professional Brandon Ward of Raytheon SI will be giving a talk on using emulators to find bugs. 
 
Bull Market: nullp0inter, GH0S1 and others will be out in front of the Marshall Center tomorrow for Bull Market. Come by and check out our table tomorrow between 8:30 and 3. 
 
Good luck on finals everyone! 
 
 

# Blue Team today, SQL Injection on Friday

[ Author: brad_d ] [ Date: 11/19/2015 ]

Blue Team: Tonight at 6pm in CIS 1035, we're having our weekly Blue Team meeting. It's not too late to get involved! If you want to join the Linux team please bring Ubuntu 14.04 and CentOS 7 VMs. If you wanna join the Windows team bring a Windows Server 2012 R2 VM, which you can get through Dreamspark. 

 
For Linux command line practice, OverTheWire.org has a great wargame for learning the basics at http://overthewire.org/wargames/bandit/ 
Don't sell yourself short and look up the solutions! Use the man command for help! 
 
CigarCitySec: After the Blue Team meeting, we'll be heading over to CigarCitySec for beers. CigarCitySec is a monthly informal gathering of Tampa Bay computer security professionals. More information can be found at http://cigarcitysec.com/
 
If you need a ride, let us know on IRC or Slack. 
 
Friday Meeting: 5pm this Friday in Cutr 202, former WCSC president rastii will be giving a talk on SQL Injection! He has challenges ready for all experience levels after the presentation. It should be a fun evening. Afterwards, we'll be hitting up Dunderbaks, as usual. 
 
Keeping in Touch:  Our main IRC channel is #wcsc on irc.hackint.org:9999. Please use SSL. If you haven't been added to the WCSC Slack please email Xan at kris@whitehatters.org
 
Other WCSC Resources: 
 
WCSC CTF challenges: mynameisg.us
Twitter: @whitehatters
 

# WCSC @ CigarCitySec

[ Author: Xan ] [ Date: 09/17/2015 ]

9/16/2015

 

A couple of us from WCSC made it out to the third meeting of CigarCitySec last night. Hopefully it will continue to keep growing. Its a really awesome time to meet people in the Tampa security community. If you haven’t been yet come join us next month. Meeting dates are on the WCSC calander. 

http://cigarcitysec.com

https://twitter.com/cigarcitysec

 

# Welcome To Spring 2015

[ Author: Xan ] [ Date: 01/22/2015 ]

Welcome Everyone!

This Friday (January 23) in MSC 2703 at 5pm Whitehatters will start the first official meeting of the new Spring semester. I wanted to take some time to welcome new and past members who will be joining us.

If you have not already noticed the Whitehatters calendar has been updated and if you haven't subscribed now is a great time to do so. Whitehatters Calendar 

Last week, Whitehatters competed in Ghosts In The Shellcode accomplishing some great work for our first CTF of the new year. Hopefully, we will have writeups of some of the challenges up soon.

This semester we have some great events planned out. USF Engineering Expo is coming up on February 13th and 14th and Whitehatters will be there once again. It will be exciting to show off our new demo this year related to cyber security. Of course, CTFs are important to the club and Whitehatters will be out in full force this semester competing in Boston Key Party, PlaidCTF, SECCDC, and several others before finishing out the semester with DEFCON 23 Quals.

If you haven't already, you should join the discussion with our several communication outlets including our...

Mailing List

IRC: irc.hackint.org/9999 #WCSC

Twitter

Bullsync


Looking forward to a busy and awesome Spring semester.

See you all on Friday!

# Defcon 22 memoirs

[ Author: hhh ] [ Date: 08/29/2014 ]

On August 7-10, a number of USF Whitehatters (current and alumni) made their way out to Las Vegas for the annual hacker conference known as Defcon.  This was my 10th trip out there, and each time has been a unique and rewarding experience. As I said to someone, "I used to go for the talks. Now, I just go to talk to people."

I was impressed as always with our friends at LegitBS who ran the Defcon Capture the Flag (CTF) competition, complete with its own custom hardware badge hacking challenge and epic competition visualizations, not to mention the usual array of staggeringly clever binaries. I received a special CTF challenge coin that has gone onto the shelf of treasures in my office.

Speaking of badges, duck did a nice job of hacking up the Defcon badge with an IR diode from Fry's so that he could replay the signals from Goon and Uber badges; but the the real story behind the badge was a little more complex.

As usual, our team made it to the finals of Hacker Jeopardy!, and as usual, we came in second. We're getting to be known as the Buffalo Bills of Hacker J! ... bspar will probably not appreciate me mentioning this, but he earned an atomic wedgie after missing an alt-coin question. Despite a promise from the emcee, G. Mark Hardy, that this year's competition would reward knowledge over alcohol consumption, that was not really the case.

ninjafish and intrigue, not sure if you heard, but Jolly/Zelda & friends pulled off a Shmoocon/Defcon Hack Fortress 6-peat even without your Heavy and Pyro, respectively. Or is it Demoman and Spy? I can never remember.

I finally gave into the Pineapple craze and picked up one of the new Mark V's, even while @IHuntPineapples was popping shell on those unwise enough to fire up theirs at Defcon.  I waited till I got home to update the firmware and have been having some fun with it. I'll do a demo at a WCSC meeting sometime.

Well, there were many, many other good memories from Defcon, but as they say: "What happens in Vegas ... ends up on Twitter."

Upcoming Events