Thursday, May 31, 2012
ROOTCON 6 Call For Papers Now Close
Posted by
ROOTCON
at
31.5.12
Labels:
filipino hackers,
hacker conference,
hackers,
rootcon,
rootcon philippines
ROOTCON 6 Call For Papers is now close, we would like to thanks everyone who submitted. For those who were not accepted you can still enjoy the fun at ROOTCON by registering, socialize, network, learn and have fun.
Read More
Pre-final tracks can be found here
Get to know our ub3r4w3s()me speakers here
We will be posting ROOTCON 6 schedule soon.
What are you waiting for? Register now (Early Registration closing on June 30, 2012) and witness the fun and educational event this coming September 7-8, 2012.
Hope to see you all at the CON.
Sunday, May 20, 2012
New CFP Submission
New CFP submission has landed our Inbox.
Topic Details
Presentation Title: Randomized/Obfuscated Text Detection
Synopsis: Recent malwares have been using obfuscation techniques to hide its code from Antivirus software. Making use of emulation is very effective but would probably result in a slow performing machine especially when your valid apps are getting scanned from malwares. Thus, before a full emulation can be done, a static detection can help minimize this slow performance. Detecting the existence of obfuscated text segregates valid applications from malwares. This topic shows different methods on how to determine if a certain text is rather randomized.
Speaker: Reginald Wong
Speaker Background: Reggie has been in the anti-malware industry for almost 10 years doing research on different types of malwares. He currently heads the heuristics team at GFI Software Philippines and aims to detect malwares before they get in to your system.
More at https://www.rootcon.org/xml/rootcon6/tracks
Read More
Topic Details
Presentation Title: Randomized/Obfuscated Text Detection
Synopsis: Recent malwares have been using obfuscation techniques to hide its code from Antivirus software. Making use of emulation is very effective but would probably result in a slow performing machine especially when your valid apps are getting scanned from malwares. Thus, before a full emulation can be done, a static detection can help minimize this slow performance. Detecting the existence of obfuscated text segregates valid applications from malwares. This topic shows different methods on how to determine if a certain text is rather randomized.
Speaker: Reginald Wong
Speaker Background: Reggie has been in the anti-malware industry for almost 10 years doing research on different types of malwares. He currently heads the heuristics team at GFI Software Philippines and aims to detect malwares before they get in to your system.
More at https://www.rootcon.org/xml/rootcon6/tracks
Early Registration Closing Soon!!!!
Our 2 months run for the early registration will be closing this coming June 30, 2012. If you haven't registered yet, register now to get big discounts!!!
Visit the registration page now!!!
Wednesday, May 16, 2012
May 2012 issue of ClubHack Magazine is out now!
Posted by
Shipcode
at
16.5.12
Labels:
articles,
CHmag,
clubhack magazine,
code gyan,
feedback,
HTTPS,
Hyper Text,
identity theft,
injection,
Kauntilya,
Steganography,
suggestions,
toolkit
ClubHack Magazine's May 2012 issue has just been released yesterday guys and thanks to the Chmag Team for giving us free monthly issues!
Topics:
0x01 - Steganography over converted channels (Tech Gyan)
0x02 - Kauntilya (Tool Gyan)
0x03 - Section 66C - Punishment for identity theft (Legal Gyan)
0x04 - HTTPS (Hyper Text Transfer Protocol Secure) (Mom's Gide)
0x05 - Don’t Get Injected – Fix Your Code (Code Gyan)
0x02 - Kauntilya (Tool Gyan)
0x03 - Section 66C - Punishment for identity theft (Legal Gyan)
0x04 - HTTPS (Hyper Text Transfer Protocol Secure) (Mom's Gide)
0x05 - Don’t Get Injected – Fix Your Code (Code Gyan)
Download the new issue here.
About the Contributor:
Shipcode is a prolific blogger of ROOTCON and at the same time an InfoSec enthusiast from Cebu. He was inspired to join ROOTCON as part of the core team to share his knowledge in information security. He encourages other like minded individuals to come forward and share their knowledge through blogging right here at ROOTCON Blog section.
ROOTCON is managed by like minded InfoSec professionals across the Philippines. All rights reserved. Designated trademarks, brands and articles are the property of their respective owners.
Tuesday, May 15, 2012
Hackxor - Web App Hacking Game
Posted by
Shipcode
at
15.5.12
Labels:
blackhat hacker,
Cross Site Request Forgery,
Hackxor,
learning,
RCE,
references,
web app hacking,
webapp
Are you a gamer and at the same time a penetration testing enthusiast in web applications?
Well then, you might wanna try whacking out 'hackxor'! Hackxor is a web application hacking game where players must locate and exploit vulnerabilities to progress through the story wherein you play as a blackhat hacker hired to track down another hacker by any means possible. It contains scripts that are vulnerable to Cross Site Scripting(XSS), Cross Site Request Forgery(CSRF), Structured Query Language Injection (SQLi), Remote Command Injection(RCE), and many more. It's also a web application running on Fedora 14.
Download & install instructions
- 1. Download the full version of hackxor (700mb)
- 2. Install VMWare Player (This involves creating a free account with vmware)
- 3. Extract hackxor1.7z, run the image using VMware player.
- 4. Work out what the IP of hackxor is ((try 172.16.93.129)|| logging into the VM with username:root pass:hackxor and typing ifconfig)
- 5. Configure your hosts file (/etc/hosts on linux) to redirect the following domains to the IP of hackxor: wraithmail, wraithbox, cloaknet, GGHB, hub71, utrack.
- 6. Browse to http://wraithmail:8080 and login with username:algo password:smurf
About the Contributor:
Shipcode is a prolific blogger of ROOTCON and at the same time an InfoSec enthusiast from Cebu. He was inspired to join ROOTCON as part of the core team to share his knowledge in information security. He encourages other like minded individuals to come forward and share their knowledge through blogging right here at ROOTCON Blog section.
ROOTCON is managed by like minded InfoSec professionals across the Philippines. All rights reserved. Designated trademarks, brands and articles are the property of their respective owners.
Subscribe to:
Posts (Atom)
Subscribe to:
Posts (Atom)