ROOTCON 7 Details

Date and Venue
The largest annual hacker conference in the country ROOTCON will celebrate its 7th year this coming September 12-14, 2013. The first day which is September 12 will be packed with workshops and training organized by our very own NexSquare Inc. followed by the con proper on September 13th and 14th.  After a considerable days of negotiating our venue to cater more attendees we came up with a verdict that we will be returning to Parklane International Hotel in Cebu City.

Activities and Workshops
This year our very own NexSquare Inc. are kind enough to organize workshop on the first day of the conference. Some of the pre-final workshops are as follows:

WiFu - Introduction to Wireless Security
Hacking 101 - Introduction to Hackery
Lockpick 101 - Introduction to LockPicking
Metasploit-Fu - Ninja training on Metasploit
Web App Security - Introduction to Web Application Penetration Testing

These workshops are introductory to trainings offered by NexSquare Inc. with a very reasonable price to CON-Goers.

We also have our pre-con activities; activities like:

WiFi Shootout
Pre-con gathering (H4xor BBQ)

Pricing
We wanted ROOTCON to stay the cheapest and yet the best hacker conference in town; we were able to maintain the price of Php2800.00 for two consecutive years; however economically our materials and logistics costs increased so in order to cover all of our expenses such us speakers airfare and accommodation, badges, swags, meals and venue we came up with a slight price increase, this is also in parallel to the price our venue is giving us. The price for this year's conference are as follows:

Early Pro Registration: Php3300.00
Early Student Registration: Php2800.00
Group of 5 Registration: Php14025 (less 15%)

Late Pro Registration: Php4300.00
Late Student Registration: Php3800.00

Stay tuned for regular updates on the following

Facebook: https://www.facebook.com/rootcon
Twitter: https://www.twitter.com/_rootcon_
Forum: http://forum.rootcon.org
Main Site: https://www.rootcon.org

We hope to see everyone at ROOTCON this year!!!!

Hackers Unite

All the best,
-semprix

Sulit.com.ph hacking incident

Around 15:00 while upgrading the ROOTCON systems one of the ROOTCON Goons reported that there was a hacking incident on Sulit (an online buy and sell portal http://www.sulit.com.ph) the incident was claimed by ROOTCON.ORG and ANONYMOUS.


The Sulit website was replaced by the homepage of Ayosdito.ph, another classified ads portal in the country. Also, the title of the hacked page states: “ROOTCON.ORG We are anonymous. We are Legion. We do not forgive. We do not forget.” 
Sulit.com.ph temporarily shut down its site, and issued an advisory to the public via Twitter @sulit:“A relatively simple attack was made against us. We should be back online and back to normal in a few minutes. To be clear, only a 3rd-party vendor was compromised; our data, application, and servers were unaffected and are intact.”   source: http://infolikes.com/internet/sulit-com-ph-website-hacked/

The ROOTCON core group is composed of high level security professionals, we always ensure we observe proper ethics through responsible full-disclosure if given one of our members found a serious vulnerabilities on certain web application or network. The internet is a free world to live anyone can easily tag and use the name ROOTCON as part of their hacking adventure. ROOTCON is not an underground group we are a legitimate group registered under Security and Exchange Commission, we only provide neutral venue where enterprise, government and underground share best practice, latest trends and cutting edge security techonologies.

On behalf of ROOTCON and its Goons I would like to inform everyone that ROOTCON and its crew does not condone illegal activities like this and we are not part of the hacking incident that occurred. The attack was acknowledged by certain group which is NOT part of ROOTCON. This incident is another heads-up to our security professionals and system administrators to take information security seriously; its a crazy world out there.


Check out the Official Sulit Press Release


semprix (The Fork Meister)

RC6 Ticket Sale

Early Registration for ROOTCON 6 ended yesterday July 16, 2012 at exactly 12 midnight.

Regular rate registration is now open until August 17, 2012, since we want you to come!!! we are still giving away discounts get our group of 5 package and get 10% off.

What are you waiting for REGISTER NOW!!!!

http://rootcon6.eventbrite.com/
https://www.rootcon.org/xml/rootcon6/register


The Secrecy (New Game)

This year we introduce to you "The Secrecy" is composed of 10 levels, each levels has a secret / hidden phrase or word that you need to find for the players to proceed to the next levels.

Let the cracking begin!!!

Game Mechanics 
The objective of this game is to reach the top-most level which is level 10. In order to achieve that you need to pass each level and get the secret / hidden phrase or word.

The Rules 
1. NO DIRECT DDoS on the game servers.
 2. NO Physical Coercion on players and crew.
 3. Spies works on their own, this is a single player game. You can however have a handler to coach you throughout the game.
 4. Spies are resourceful breaking codes, so be like one ;-)
 5. Bring your own spy gears, laptop, AP, GPS tracking, whatever you think you will need.

Who Can Play 
Any ROOTCON attendee (except for the ROOTCON Goons).

When 
Start of the conference

Prizes Shining UberH4x0r Badge, which entitles you to be put up on the ROOTCON Hall of Fame, free entrance on the next ROOTCON Conference.

Crew / Agents / Handlers 
Encrypted84 Semprix (The Fork Meister)

More details at https://www.rootcon.org/xml/rootcon6/activities#secrecy

Email Gathering with #Metasploit


For those of you who don’t know, there is an auxiliary email module that lets you collect an email address from a domain name using Metasploit. It’s called the ‘Engine Domain Email Address Collector” which is just easy to use. And so lemme guide you on how to use this auxiliary module. First you need to start the Metasploit Console by typing:

msfconsole

Then type :

use auxiliary/gather/search_email_collector


If you don’t want to memorize the whole auxiliary name or command you can just use this command:

search collector



Now you need to set the domain that you want to harvest eg gmail.com, yahoo.com, rootcon.org but for this tutorial, we will use gmail.com.

set domain gmail.com

If you want to store the harvested emails just type set outfile then the path and the filename of the file, for example:

set outfile /home/shipcode/list.txt

To begin harvesting, just type run:


run
After that, you should be able to see the harvested emails. =)

-- Cross Posted from The ProjectX Blog


About the Contributor:
Shipcode is a prolific blogger of ROOTCON and at the same time an InfoSec enthusiast from Cebu. He was inspired to join ROOTCON as part of the core team to share his knowledge in information security.  He encourages other like minded individuals to come forward and share their knowledge through blogging right here at ROOTCON Blog section.

ROOTCON is managed by like minded InfoSec professionals across the Philippines.  All rights reserved. Designated trademarks, brands and articles are the property of their respective owners.

June 2012 Issue of ClubHack Magazine has been Unleashed!


The June 2012 Issue of the ClubHack Magazine has just been released with the following ub3r4w3s0m3 topics:

Tech Gyan: Playing Bad Games: Anatomy of a Game-Server DDoS Attack
Tool Gyan: Scapy Primer
Legal Gyan: SECTION 66D - Punishment for cheating by personation by using computer resource
Mom's Guide: Hypertext Transfer Protocol
Code Gyan: Preventing Cross Site Scripting… Is it a myth!
Special Feature: Impact of Cybercrime on Businesses
Matriux Vibhag: MITM with Ettercap

You can download the new issue here.
About the Contributor:
Shipcode is a prolific blogger of ROOTCON and at the same time an InfoSec enthusiast from Cebu. He was inspired to join ROOTCON as part of the core team to share his knowledge in information security.  He encourages other like minded individuals to come forward and share their knowledge through blogging right here at ROOTCON Blog section.

ROOTCON is managed by like minded InfoSec professionals across the Philippines.  All rights reserved. Designated trademarks, brands and articles are the property of their respective owners.

ROOTCON 6 SpeedTalks

At ROOTCON we value everyone....CON-Goers, Sponsors and Partners. This year we are giving away our sponsors the opportunity to talk about what they do, this year we introduced "SpeedTalks". SpeedTalks is available to all major participating sponsors for ROOTCON 6.

The mechanics is pretty straight forward.

1. Avail one of the Major Sponsors of ROOTCON 6

  • Platinum
  • Gold
  • Silver
2. Sponsoring company will send a delegate for their entry on SpeedTalks.
3. Sponsoring companies are given a blazing 10 minutes for their product demo / presentation and product updates.
4. SpeedTalks will be given on Day 1 and Day 2.
5. ROOTCON will align all schedules to the sponsoring company representatives.
6. NO QUESTIONS should be entertained during the SpeedTalk, the allotted 10 minutes is purely presentation / demo / talk. All questions should be addressed on the sponsors booth.

What are you waiting for? Contact our sponsorship liaison.

-Semprix