http://exploitshop.wordpress.com/

More to be added soon….

Speaker: Md Sohail Ahmad

WPA2 is the most robust security configuration available today for WiFi networks. It is widely used to secure enterprise WLANs. Interestingly, it is also being used to secure guest, municipal and public WiFi networks. In this paper, we present a new vulnerability found in WPA2 protocol which can be exploited by a malicious user to attack and compromise legitimate users. We also present a few attack mitigation techniques which can be used to protect genuine WiFi users.

For presentations, whitepapers or audio version of the Defcon 18 presentations visit: http://defcon.org/html/links/dc-archives/dc-18-archive.html

A very good tutorial by SpoonFedVideos

FOCA is a tool to extract information in footprinting and fingerprinting phases during a penetration test. It helps auditors to extract and analyze information from metadata, hidden info and lost data in published files. This new release of FOCA, version 2, adds tools to scans internal domains using PTR Scanning, Software recognition through installation paths, etc. The idea of FOCA is to give as much info as can be discovered automatically starting from a public domain name.

In simple terms, IRC is a Chat program that allows users to communicate and exchange files. Users have to connect to an IRC Server and then join the Channel (similar to chat rooms) of their choice for discussion and group communication.

In this tutorial, we will cover how to connect to our IRC Channel (#HackIT-Lobby) which is available on chat4all.org Server. We will be using ChatZilla, which is a Firefox extension for IRC.

Action Time

• Download and install Mozilla Firefox (if not installed) from the following location – http://www.mozilla.org/en-US/firefox/new/
• After installing Mozilla Firefox, open the link – https://addons.mozilla.org/en-US/firefox/addon/chatzilla/ – in firefox.
• Click on the Green button titled “Add to Firefox” as shown below:

•  A new window will pop-up as shown below. Click on the “Install Now” button.

Software Installation

• A message window will appear as shown below, informing that the installation will be done after Firefox is restarted.

Firefox Restart

• Restart Firefox (Close firefox and open it again)
• Click on “Tools” and click on “ChatZilla”

ChatZilla

• Chatzilla will open as a new Window.

ChatZilla Window (Click to enlarge)

• At the botom left corner of the screen, you can see the current nick name.

ChatZilla User Name

• You can change the nick name by typing the following command:

/nick new_user

where new_user can be your preferred nickname.

•  If you want to change the background to black, click on “View” -> “Color Scheme” -> “Dark Motif”.
• The window appearance wil change as shown below:

ChatZilla Black Theme

•  Let’s now connect to our server.
• Type the following command and press enter.

/server irc.chat4all.org

• We will be connected to the IRC Server or Chat4all Network as shown below:

ChatZilla Window

• After connecting to a server, the next step is to connect to a channel.
• In our example, we will be connecting to a Channel named “HackIT-Lobby”.
• Type the following command and press enter:

/join #HackIT-Lobby

•  Note, in IRC, the channel names are preceded with a “#” (hash) symbol.
• A new tab will be opened as shown below:

#HackIT-Lobby

•  Congratulations, you have successfully connected to our IRC Server.
• Free free to shoot and share your technical questions and ideas with the HackIT community.

In the next tutorial, we will see how we can register a nick name with the IRC server and authenticate to the server using a nick name and password.

Till then – Happy Hacking

Tutorial Written by Manu Zacharia