LuSec

Hey there!

For those of you, who are still visiting sometimes this page there’s a bunch of interesting news. First of all, in a few days I will upload the video from the last presentation. It’s a time-consuming process, that’s why it takes me quite a lot of time to do.

The next LuSec is planned for the next year, however if I stay in Sweden until June (which will be clear next week), then at the end of April “LuSec Briefings” are scheduled. It is an unofficial meeting with small presentations (20-25 minutes + 10 minutes discussion). So far there are 3 presenters already. Not sure about the webcast, but all the slides and probably also audio will be later available. More information comes at the beginning of April. So stay tuned

Presentation by Neil Costigan about public key cryptography

Slides can be downloaded here

Presentation by Artjom Vassilljev about insecure configuration of PBXs

Slides can be downloaded here

Presentation by John Lindström about challenges in creating security policies.

Slides can be downloaded here

If you have any feedback, comments, proposals, please drop me a line to alius@ludd.ltu.se! I am not yet sure, but hopefully LuSec will be also next year, and bigger, better and more interesting!

Artjom

I guess, some of you are curios to get the solutions for the competitions? Then read below.

The binary code on the poster read the following: “Hello, Dave… I know everything hasn’t been quite right with me, but I can assure you now, very confidently, that it’s going to be all right again. I feel much better now. I really do. I really do. I really do. I really… #@&*$^!%{#* …I am completely operational, and all my circuits are functioning perfectly. …it’s going to be”. Anders was the only one to decrypt this hard text! Congratulations to him!

What was bad about the dummy network configuration? Actually, everything was bad. Here are the things, that you could report:
* The wireless network was open, which itself is a big security risk for the company
* FreeBSD 5.5
* The password for root was “happiness”, the same on both servers and on the WiFi router
* Both servers had test account, which had the password “test”
* One of the machines had “finger” service enabled
* Both machines had several accounts on them with passwords from Top 500 worst passwords list
* In the home directory of the test account on one of the servers there was a compiled program with SUID bit enabled, which had several buffer overflow bugs, which could be exploited to get the root access. Additionally, there was a source code in the same directory to ease the finding of bugs
* Old version of thttpd server with a lot of security vulnerabilities
* Netutils scripts running on one of the servers
* Outdated Apache server, which has security vulnerabilities
* PHP4, which has numerous security vulnerabilities
* PHP allow_url_fopen and register_globals was on
* MySQL root password is “happiness”
* FTP allows root to login
* Outdated version of Wordpress with security vulnerabilities
* Outdated version of Coppermine photo gallery with security vulnerabilities
* Disabled e-mail verification in the Coppermine photo gallery
* Not enabled firewalls on both of the servers
* Disabled security settings on both servers, which limit the amount of packets per second, that kernel receives
* Predictable path for PHPMyAdmin (http://server/pma)
* Old version of PHPMyAdmin

Congratulations to Jonas and Andreas, who won this competition!

I am still struggling with videos. As it turned out, it is not so easy to convert them from Marratech format to something better, so keep on waiting, in a few days I will upload them together with slides. So far, here are some photos from the event: http://picasaweb.google.com/shipzdik/LuSec