Whitehatters Computer Security Club

# Weekly Friday Meeting – Binary exploitation Meeting | Blue Team Meeting

[ Author: oshien ] [ Date: 01/22/2018 ]

Hello Whitehatters,

 Blue Team: be every Thursday at 5 pm in FAO 168 unless otherwise noted. 

 This Friday (5 pm): we will be having Kevin Orr (Vice President) will be holding the Binary Exploitation Meeting

 “This week we will have our binary exploitation meeting. If you went to Brad's meeting last week, we learned about basic reverse engineering skills and got a taste of Binary Ninja. I will go over some of the other basic tools we use and start to explain how C code is compiled into machine code. Before we meet on Friday, please have a Linux VM ready. I've posted instructions in a github repo that we will be using ( https://github.com/KevOrr/ctf-training/blob/master/2018-01-26/pre-meeting.org ).  If you have any questions, shoot me a message on slack @kevin or drop a message in #general”                   - Kevin Orr

 Website: The website and the Google calendar are updated. This is a guide for new members on how to get involved in the club: http://www.wcsc.usf.edu/noobs 

 Slack: Slack is still our primary communication channel. To be added to our Slack team, please send an email to (wcscsecretary@whitehatters.org).

 Mailing List: To get updates about meeting times and other important information (http://lists.acomp.usf.edu/mailman/listinfo/wcsc

 Other WCSC Resources: 

CTFtime.org: https://ctftime.org/team/315

GitHub: https://github.com/WCSC

Calendar: http://www.wcsc.usf.edu/calendar

Website: www.whitehatters.org 


Oshien Nellissery 

WCSC Secretary


# Weekly Friday Meeting with Speaker Brad Daniels | Blue Team Meeting

[ Author: bao ] [ Date: 01/18/2018 ]

Hello Whitehatters,


We have a date and location for the Blue Team meetings. We will be meeting every Thursday at 5 pm in FAO 168 unless otherwise noted. 


The Exploitation meeting times and dates are still in the works so please be on the look out for that!


Our general meetings will always be on Fridays at 5:00 PM (in EDU 252). But always check your email to make sure a specific meeting was not canceled.


This Friday at 5 pm, our previous president, Brad Daniels, will be giving a talk. 


Website: The website and the Google calendar are updated. This is a guide for new members on how to get involved in the club: http://www.wcsc.usf.edu/noobs


Slack: Slack is still our primary communication channel. To be added to our Slack team, please send an email to either (wcscsecretary@whitehatters.org or president@whitehatters.org).


Mailing List: To get updates about meeting times and other important information (http://lists.acomp.usf.edu/mailman/listinfo/wcsc)


Other WCSC Resources: 


GitHub: https://github.com/WCSC

Calendar: http://www.wcsc.usf.edu/calendar

Website: www.whitehatters.org




WCSC Secretary


# First Meeting of the Spring is this Friday at 5 PM in EDU252

[ Author: oshien ] [ Date: 01/10/2018 ]

Hi Everyone, 

The Whitehatters Computer Security Club will be having it's first official meeting of the spring semester. 


Date: Friday 12th, 2018

Location: EDU252

Time: 5:00 PM


We will be talking about the club and its activities along with multiple hacking demos by club members. 


Our website has all the information you need to get started including a beginner friendly guide. https://www.wcsc.usf.edu/ 

Two important communication channels are:

- Mailing List [http://lists.acomp.usf.edu/mailman/listinfo/wcsc]

-Slack [send an email to president@whitehatters.org or wcscsecretary@whitehatters.org to get added to slack]


Hope to meet you all this Friday and have an amazing semester.


Oshien Nellissery 

WCSC Secretary 

# First Presentation Slides

[ Author: brad_d ] [ Date: 08/28/2017 ]

Here are my slides from last Friday's talk. 

WCSC Intro Talk Fall 2017

Thanks everyone for coming out!

# WCSC Practice CTF Board

[ Author: brad_d ] [ Date: 08/19/2017 ]


We've made a new CTF practice board running on CTFd!

We aim for it to be a repository for all Whitehatter created CTF challenges. There are a number of beginner friendly challenges, so if you're new it's a great way to build up your CTF skills if you're new.

If you have any challenges you've created as a Whitehatter please feel free to send them to me and I'll put them up.

We're also accepting challenge submissions from Whitehatters to be included in the CTF we're putting on for the Florida Center for Cybersecurity Conference in October. More details about the CTF are coming soon. 


Brad Daniels

WCSC President

# 0CTF Today at 8pm

[ Author: brad_d ] [ Date: 03/17/2017 ]

Just a reminder that we're playing in 0CTF this weekend starting at 8pm tonight. It runs for 48 hours and will end at 8pm on Sunday

To play for with our team please join us on #openctf on Slack. 

# Thursday: Practical CTF | Midterms: Wednesday and Friday meetings are canceled | iCTF this weekend

[ Author: brad_d ] [ Date: 02/28/2017 ]
Because of midterms, Wednesday and Friday meetings are canceled.
Thursday: Practical CTF meeting with @nullp0inter in ISA 5021.
Friday @ noon, iCTF:
This weekend we will be playing the iCTF starting at Friday noon. It's an attack-defense CTF and people who are playing will need to find vulnerabilities and be in the same room. 
We will decide the meeting place (ISA 5021 or our hackerspace) after we have a headcount of the people playing. If you want to join us (which you should), message me @patrixia in Slack or @brad_d and we will add you to a private channel.


# Welcome back! | First Meeting on Friday 13th

[ Author: brad_d ] [ Date: 01/12/2017 ]

Hey Whitehatters,

Tomorrow we will be at the Involvement Invasion from 11:00 to 13:00 in the MLK West Lawn.
Our first meeting of the semester will be held this FridayJanuary 13th @ 17:00 in ISA 5021. Our new club President, Brad Daniels, will introduce the club to new members and talk about our plans for the semester.
Wednesday and Thursday meetings will commence next week (January 18th and 19th). 
Meetings: During the Spring semester, we will still meet three times a week:
  • Wednesdays @ 18:30;
  • Thursdays @ 18:30;
  • Fridays @ 17:00
New Officers: The club elected new officers for 2017. 
  • President: Brad (@brad_d);
  • Vice President: Farooq (@bao);
  • Secretary: Patricia (@patrixia);
  • Treasurer: Kyler (@kclonts).
Recruitment: If you know of someone who would like to learn about or be a part of our team, forward them this email.
Website: The website and the Google calendar are updated. This is a guide for new members on how to get involved in the club: http://www.wcsc.usf.edu/noobs
Slack: Slack is still our primary communication channel. To be added to our Slack team, please contact me. 
Other WCSC Resources: 
WCSC CTF challenges: wcscctf.org/ (NEW)mynameisg.us
Twitter: @whitehatters
Patricia W.
WCSC Secretary


# Last Week of Meetings for the Semester

[ Author: brad_d ] [ Date: 12/06/2016 ]
Hi Whitehatters, 
We'll be holding all three regular meetings this week before the month-long winter break. During the break we'll still be active on Slack and IRC if you wanna hack stuff. We might plan some informal meetups over the break as well so stay tuned on Slack. 
Wednesday: 6:00 PM in ISA 5021 we'll be holding our regular practical security meeting. 
Thursday: 6:30 PM in ISA 5021 I will show you how to exploit a CTF challenge and get a shell via a ret-to-libc exploit. I'll talk about ASLR, leaking memory, and tools and techniques for exploiting vulnerable services. 
Friday: 5:00 PM in ISA 5021, nullp0inter will wrap up the semester for us by giving an intro to return-oriented programming. 



# No Meetings This Week

[ Author: brad_d ] [ Date: 11/22/2016 ]

Due to the holiday we will not be having any Whitehatter's meetings this week. We'll still be hanging out on Slack and IRC if you get bored though!


# More Windows Wednesday, CSAW Reviews Thurs. and Fri.

[ Author: brad_d ] [ Date: 09/20/2016 ]
Thank you to everyone who came out last weekend for the CSAW Quals! The competition is over, but the challenge board is still available if you want to practice or follow along with some writeups: https://ctf.csaw.io/
Writeups for the challenges we solved will be going up on our GitHub repo over the next few days: https://github.com/WCSC/writeups
If you have a writeup to contribute please let me know and I'll give you write permissions on GitHub.

Wednesday: Wendesday at 6PM we'll be covering more Windows material. Make sure you're running the Windows 10 VM that was posted in the #ccdc channel. If you have any trouble setting it up please let us know on #ccdc. 

Thursday: 6:30 PM in ISA 5021 we'll be reviewing some of the more difficult challenges from CSAW Quals.
Friday: 5:00 PM in ISA 5021 we'll be going over some of the more beginner-friendly challenges that we solved at CSAW last weekend. Afterwards we'll be heading to Dunderbaks for food and drinks.
TUM CTF: Next Friday 9/30 at 12 noon TUM CTF kicks off. We encourage everyone to play. If you don't have much CTF experience go ahead and ask on Slack and we can provide you with plenty of good CTF training resources.

# CSAW CTF Quals Friday!

[ Author: brad_d ] [ Date: 09/14/2016 ]
Wednesday: At 6PM in ISA 5021 we'll be diving into Windows. Please bring a laptop with a Windows 10 Professional VM installed and ready to go. 
Thursday: 6:30 PM in ISA 5021, we'll be going over some CTF challenges. If  you want to get some practice in before CSAW Quals this is a good chance. 
Friday: 5 PM in ISA 5021 we'll be competing in the NYU CSAW CTF Qualification round. The competition begins at Friday 6 PM and ends at 6 PM Sunday 9/18. We'll be in the lab all weekend playing. 
To play in the CTF make sure you're in the private #ctf channel on Slack (message me or another officer for access). 
We encourage people of all experience levels you to come out and play. This is a collaborative effort so the more heads we have tackling challenges the better we'll do. Come out even if you just want to shoulder-surf. 

# Three Real Meetings This Week

[ Author: brad_d ] [ Date: 09/07/2016 ]
Thank you to everyone who still participated in the Thursday and Friday meetings online last week even though the campus was closed. 
Wednesday: 6 PM in ISA 5021, we'll be covering the basics of networking. No matter what topics you're interested, this will be an important meeting. Networking basics are essential to being able to administer any kind of system. Bring a laptop. 
Thursday: 6:30 PM in ISA 5021. We're going to have our first in-person meeting of the 0x28 CTF team in this room. Xan will be around this week so he'll be leading us though some past CTF challenges to see what we can learn from them. 
Friday: 5:00 PM in ISA 5021. I'll be giving a presentation on getting around firewalls with DNS tunnels. I'll go over some of the common security measures that are put in place in organizations to stop data exfiltration and the circumvension of security policies. Afterwards the crew will be heading out for drinks at Dunderbaks. 
CSAW Quals: CSAW Quals start September 16th. If you've never played a CTF before you're welcome to join. It's a good idea to review some of last years CSAW Quals writeups here: https://github.com/ctfs/write-ups-2015/tree/master/csaw-ctf-2015. There are plenty more CSAW writeups from other years available as well. 
Brad Daniels
WCSC Secretary

# Meetings Wednesday, Thursday, and Friday of this Week

[ Author: brad_d ] [ Date: 08/30/2016 ]

Hi Whitehatters, 

Thank you to everyone who showed up to our Intro meeting last Friday. There were at least 80 of you in attendence which is more than I've ever seen at a Whitehatter's meeting. 
If you liked what you heard and want to know how to get more involved check out our New Members guide here: http://www.wcsc.usf.edu/noobs
If you're new run through OverTheWire.org's Bandit challenge. It'll teach you a lot of the basic UNIX CLI tools you'll need to play in CTF competitions. http://overthewire.org/wargames/bandit/
Wednesday: At 6:00 PM in ISA 5021 we'll be having our first Practical Security meeting of the semester. Wednesdays will feature hands-on guidance in securing and administering Windows and Linux systems with several Whitehatter veterans and alumni standing by to offer support. If you want to learn real world skills in network security that you can add to your resume, come out to Wednesday and get involved. 
Thursday:  6:30 PM in ISA 5021 will be our first ever CTF training meeting. This meeting is designed to strengthen our CTF skills by solving CTF challenges together as a team. This will not be as beginner friendly as Wednesday and Friday, but anyone is welcome to come out and participate. Bring some Linux. Nullp0inter just compiled an Ubuntu 14.04 ISO with a lot of hacking tools pre-installed. If something is broken be sure to pester him on Slack. Download here and check it out: https://drive.google.com/file/d/0B-r6ID_je1xmZU1wYk02Rk1HV0U/view
Friday: This Friday at 5:00 PM in ISA 5021 nullp0inter will be giving a talk on basic buffer overflows. If you're new to CTFs it will be a great talk that will provide you with a good starting point in binary exploitation. Bring some Linux or at least a C compiler to follow along. Afterwards we'll be heading out for drinks, which is a great way to get to know everyone in the club. 
IceCTF: The competition is over, but the challenges are still up if you want to practice. It's a great CTF with challenges for all skill levels. If you get really stuck, check out our write-ups on GitHub, but please, try your best to do it on your own, you'll learn a lot more.
Slack / IRC: Our main communication channel is Slack. If you haven't been added to the wcscusf Slack team, send me an email. Also check out our IRC channel, #wcsc on irc.hackint.org. We now have an IRC client on our web site here: http://www.wcsc.usf.edu/irc. More info on Hackint is here: https://hackint.org/
Brad Daniels
WCSC Secretary

# First Meeting

[ Author: Xan ] [ Date: 08/27/2016 ]

Thanks for everyone who attended our first meeting. We had such a great turnout with over 70 people. For our new members we hope you found it interesting and we will see you next week! Dont forget to subscribe to the calander and to our mailing list.

Here are the slides from yesterday.


Also if your interested the ICEctf still has its challenges up and writeups are out. This is a good intro ctf and if you have time you should take a look at it.




# Welcome Back. First Meeting August 26th

[ Author: brad_d ] [ Date: 08/24/2016 ]

It's been an exciting summer for the Whitehatters. The two summer camp programs we put on with FC2, GenCyber and PreCollege Cyber Defense Boot Camp, went very well. It's looking good that both of those programs will be happening again next year. The camps provided us with the means to cover airfare, hotel, and registration for Whitehatters to attend DEF CON 24 in Las Vegas. Thank you to all those who helped out.

Meetings: Our first meeting of the semester will be held this Friday August 26th at 5 PM in ISA 5021. Club President Kris (Xan) will introduce the club to new members, and talk about our plans for the semester.
Wednesday and Thursday meetings will commence next week. 
Recruitment: The club is trying hard to step up our recruitment efforts this semester. We've appointed Fidel (cookieman08) as the club's Head of Recruitment. If you have any ideas or questions about recruiting new members or getting the word out about our club, please contact him on Slack.
Website: The website and the Google calendar have been updated recently. We produced a short guide for new members on how to get involved in the club which is available here: http://www.wcsc.usf.edu/noobs
Slack: Slack is now our primary communication channel. We've reorganized some things, mainly that the #ctf channel is now private to keep out rival CTF teams. If you're not on our Slack team, or not in the #ctf channel, please contact me. 
IceCTF: Several of our members have been playing the IceCTF lately. It's a really fun CTF with tons of challenges for all skill-levels. It ends Friday at noon. You can get started at https://play.icec.tf/, but be sure to check out #ctf on Slack to play with the rest of the Whitehatters.
Other WCSC Resources: 
WCSC CTF challenges: mynameisg.us
Twitter: @whitehatters
Brad Daniels
WCSC Secretary

# [Fall 2016]

[ Author: Xan ] [ Date: 01/24/2017 ]

New Members Fall 2016

# No Meetings This Week

[ Author: brad_d ] [ Date: 08/09/2016 ]
Thanks to all of you who helped out with GenCyber and Precollege and got your free trip to DEFCON. Everyone was really impressed with how it turned out.
Since we're all recovering from DEFCON and getting ready to start the semester, we are not having any meetings this week. Stay tuned to the mailing list and Slack for updates on when the next meeting will be. 

# Whitehatter's DEFCON Meetup!

[ Author: brad_d ] [ Date: 07/21/2016 ]
What: Defcon meet-up for WCSC members, alumni, and friends 
When: Thursday, August 4 at 9 PM 
Where: Hofbräuhaus Las Vegas, 4510 Paradise Road.
We have reserved a table for 25.
Let's talk CGC, CTF, CVE, and any other related acronyms. CYA there.
Jeremy R.

# No Whitehatters Meetings Till August 10th

[ Author: brad_d ] [ Date: 07/18/2016 ]
Due to our involvement in GenCyber and PreCollege, and the subsequent trip to DEFCON in Las Vegas, we will not be holding any meetings until August 10th. 
Enjoy the rest of your summer break! 

# Lots of Cool Presentations, WiFi Wednesday

[ Author: brad_d ] [ Date: 03/17/2016 ]

CTF: Boston Key Party is coming up March 4th through 6th. https://ctftime.org/event/252

Wednesday Meeting: Tomorrow at 6PM we will be meeting in ISA 5021 to go over Wi-Fi security. Please bring a Kali install and a Wi-Fi card that supports monitor mode to join in on the fun. 
Friday Meeting: Our flagship meeting is at 5PM every Friday in ISA 5021. 
Below is our tentative presentation schedule: 
2/26: brad_d, Windows authentication
3/4: nullp0inter, buffer overflow
3/11: ReliaQuest, Cybercrime and Blackhat hackers
If you want to present at Whitehatter's please send me an email with your topic idea and any date restrictions. 
You don't have to be a hacking prodigy to present. If you're working on something cool, or want to learn something new, preparing a presentation is a great way to sharpen your understanding on a topic. You can review past presentations on our GitHub. 

# Meeting tonight at 6PM, Malware talk on Friday

[ Author: brad_d ] [ Date: 02/17/2016 ]

Blue Team Wednesday: Today at 6PM in ISA5021, we're going to be reviewing our performance at SECCDC Quals. We'll be going over what we could have done better during the competition, and the future direction of the Wednesday meetings. We'll be discussing the summer pre-college program, and opportunities for an expenses-paid trip to DEFCON 2016. 

0x28 Council: WCSC is restarting the 0x28 Council. The council is a group of club members who play a more active role in the club. Council members will be expected to contribute more to the club, but in return, have a greater voice in club decisions, and greater involvement in special projects and work opportunities. More details on the 0x28 council will be discussed today at the Wednesday meeting, and again at the Friday meeting. 
Expo: Tomorrow at 5PM we will be meeting up in the ISA5021 lab to go over our plans for the USF Engineering Expo. This is a great opportunity to get more active in Whitehatters. To get involved, please message nullp0inter on Slack or IRC, or email him at ian@whitehatters.org.
Friday Meeting: This Friday at 5PM in ISA 5021, we will hold our regular Friday meeting. Xan will be giving a talk on Malware Analysis that you should not miss. Afterwards, we'll head to Dunderbaks for drinks and food. 
Keeping in Touch:  Our main IRC channel is #wcsc on irc.hackint.org:9999. Please use SSL. Much of the chatting has moved to Slack now. If you haven't been added to the WCSC Slack please email Xan at kris@whitehatters.org
Other WCSC Resources: 
WCSC CTF challenges: mynameisg.us
Twitter: @whitehatters

# Blue Team Tomorrow, Last Meeting of the Semester on Friday

[ Author: brad_d ] [ Date: 12/01/2015 ]


Watch this 2010 short doc about the Whitehatters! https://www.youtube.com/watch?v=TvmaCNJnSZ8 

Wednesday Blue Team: Tomorrow night at 6 PM in CIS 1035 we will be having our next Blue Team meeting. If you want to get practical hands on experience administering and securing Linux and Windows systems, come join us! It's never too late to get involved. 
Friday Meeting: This Friday, Dec. 4th at 5 PM in CUTr 202 we will be having our last regular WCSC meeting of the semester. Cybersecurity professional Brandon Ward of Raytheon SI will be giving a talk on using emulators to find bugs. 
Bull Market: nullp0inter, GH0S1 and others will be out in front of the Marshall Center tomorrow for Bull Market. Come by and check out our table tomorrow between 8:30 and 3. 
Good luck on finals everyone! 

# Blue Team today, SQL Injection on Friday

[ Author: brad_d ] [ Date: 11/19/2015 ]

Blue Team: Tonight at 6pm in CIS 1035, we're having our weekly Blue Team meeting. It's not too late to get involved! If you want to join the Linux team please bring Ubuntu 14.04 and CentOS 7 VMs. If you wanna join the Windows team bring a Windows Server 2012 R2 VM, which you can get through Dreamspark. 

For Linux command line practice, OverTheWire.org has a great wargame for learning the basics at http://overthewire.org/wargames/bandit/ 
Don't sell yourself short and look up the solutions! Use the man command for help! 
CigarCitySec: After the Blue Team meeting, we'll be heading over to CigarCitySec for beers. CigarCitySec is a monthly informal gathering of Tampa Bay computer security professionals. More information can be found at http://cigarcitysec.com/
If you need a ride, let us know on IRC or Slack. 
Friday Meeting: 5pm this Friday in Cutr 202, former WCSC president rastii will be giving a talk on SQL Injection! He has challenges ready for all experience levels after the presentation. It should be a fun evening. Afterwards, we'll be hitting up Dunderbaks, as usual. 
Keeping in Touch:  Our main IRC channel is #wcsc on irc.hackint.org:9999. Please use SSL. If you haven't been added to the WCSC Slack please email Xan at kris@whitehatters.org
Other WCSC Resources: 
WCSC CTF challenges: mynameisg.us
Twitter: @whitehatters

# WCSC @ CigarCitySec

[ Author: Xan ] [ Date: 09/17/2015 ]



A couple of us from WCSC made it out to the third meeting of CigarCitySec last night. Hopefully it will continue to keep growing. Its a really awesome time to meet people in the Tampa security community. If you haven’t been yet come join us next month. Meeting dates are on the WCSC calander. 




# Welcome To Spring 2015

[ Author: Xan ] [ Date: 01/22/2015 ]

Welcome Everyone!

This Friday (January 23) in MSC 2703 at 5pm Whitehatters will start the first official meeting of the new Spring semester. I wanted to take some time to welcome new and past members who will be joining us.

If you have not already noticed the Whitehatters calendar has been updated and if you haven't subscribed now is a great time to do so. Whitehatters Calendar 

Last week, Whitehatters competed in Ghosts In The Shellcode accomplishing some great work for our first CTF of the new year. Hopefully, we will have writeups of some of the challenges up soon.

This semester we have some great events planned out. USF Engineering Expo is coming up on February 13th and 14th and Whitehatters will be there once again. It will be exciting to show off our new demo this year related to cyber security. Of course, CTFs are important to the club and Whitehatters will be out in full force this semester competing in Boston Key Party, PlaidCTF, SECCDC, and several others before finishing out the semester with DEFCON 23 Quals.

If you haven't already, you should join the discussion with our several communication outlets including our...

Mailing List

IRC: irc.hackint.org/9999 #WCSC



Looking forward to a busy and awesome Spring semester.

See you all on Friday!

Upcoming Events