In our previous post, we talked about using robots.txt to uncover hidden information about a target website. By the end of this post you should be able to: Use dirb to spider a website for directory content Use Burp to attempt a brute forcing attack You will need the following: Kali Linux virtual machine installed and ready to go The following ISO file ... READ MORE
Events
CTF Example – Hacking
CTF Example – Hacking Although hacking can have multiple different meanings, in the context of the RSM CTF the hacking category focuses on the active exploitation of vulnerable services. In this blog, you should expect to come away with the following skills: Use VMWare to set up and configure a safe test lab environment Use Nmap to find out what services are running on ... READ MORE
Target Locked: Game Accounts
Millions of people play video games in some way, shape, or form, from Call of Duty to World of Warcraft to Candy Crush, on multiple devices. As with anything popular, games are drawing the attention of those who want to exploit the unaware. As technology has grown, so has cybercrime, and gaming is no safe zone. Even as leading companies in gaming are working to increase ... READ MORE
CTF Example – Coding
You sit there in front of your desk after getting hired in to a security position, and quickly realize that it is no point-and-click job. Security on both sides of the house leverage the power of programming to automate tasks. This can be anything from alerting on specific key words on logs, to making a quick script to gather information for the environment you just caught a ... READ MORE
CTF Example – Wireless Security
Each of RSM's previous Capture the Flag events has included a challenge in which participants were tasked with tracking down a specific wireless access point. There are many examples of the practical applications of being able to accomplish such a task. These include manually verifying potential rogue access points and signal triangulation (which is an entire science in and of ... READ MORE
CTF Example – Cryptography
Our Cryptography challenges have historically been paper-and-pencil options, requiring less raw, technical skill to complete. The category is meant to be a more approachable option for participants who favor puzzles instead of hacking or coding. The example I'll walk you through in this post is no exception. The 300 point challenge from our 2016 CTF event required the ... READ MORE
CTF Example – Forensics
You might not realize it, but your files say a lot about your identity. Whenever you take a picture on a digital camera or cell phone, essential information called metadata is written into the image file. This data can include things like the model of camera, whether or not the flash fired, date, time, and even GPS coordinates. EXIF data is a specific subset of metadata ... READ MORE
Let’s Build an Arcade Cabinet: Episode V
The project is finally complete. It's been roughly nine months since we got started, but we finally have a working cabinet in the office. This final post in the series will cover the following items: Final painting Routing Internal hardware Hyperspin Front-end Custom artwork Believe or not, there were no significant changes to design this time! And that was ... READ MORE
Let’s Build an Arcade Cabinet: Episode IV
Well, we're now all covered in saw dust and paint, but the shell is up and ready for hardware! The steps we've taken since Episode III are very straightforward, though we also ended up changing the front of the MCP Base just slightly. Other updates included the following (each of which will be covered in more detail below): Attach the cup holder panel Add casters for ... READ MORE
Register Now for the RSM Capture The Flag 2016
We here at the WarRoom love this time of year as it's time for our annual Capture the Flag event. This year, we're working with Akron University and opened the CTF to both undergrad college and high school teams. Here's a little bit of the details: High School Students College Students High school students in grades 9-12. Teams will consist of 1 to 4 ... READ MORE