Useful Tools
HexEdit
Notepad++
Wireshark
JohnTheRipper
Backtrack
MetaSploit
L0phtCrack
Core Impact
Kismet
Scapy
Notes
Learn something new? Find any of the hidden secrets on the webpage? Make a tutorial and earn some points towards the ultimate hacker. Check back often as we will update the tutorials! *** Hint - you can use plenty of these tutorials to find solutions to the Ultimate Hacker .
Hak5 4 Teh Win
Hak5 has some great tutorials on their website as well as materials about where to begin. Check them out. You can download their podcasts and learn quite a bit.
MetaSploit 4 Teh Win
MetaSploit is a great core of tools that allows attackers simplicity in attacking targets. Its good to know what the enemy has at his disposal for $0 dollars. There is a great tutorial on how to use MetaSploit at Offensive Security.
Image Header Stuffing
Our adversaries commonly use benign pictures to hide data. One method of doing this is to encode information in an image header. Take a look at the slide here for an example how our enemy does this. Search the SIGSAC website and you might find another image with an answer to one of the Ultimate Hacker Challenges. Another way of hiding information might be to put it in comments in a web page source code. Use a tool like Notepad++ to look at the contents of the webpages and see if you see any comments. You might be able to pick up a few more hacker challenges.
Data Capture and Analysis
Its important to use encryption software when connecting to web services. Otherwise, hackers might be able to capture our usernames and passwords. Using a packet decoding tool like Wireshark, a hacker is able to decode packets into a readable format. The Ultimate hacker has a challenge to see if you can decode the username and password for a twitter username and password here. The username and password are transmitted in the clear, base64 encoded. Thanks OpenPacket.org! Check back soon for an encrypted password dump. How might a hacker be able to break that?
Passwork Cracking.
Passwords are actually stored on most comptuers in the form of a password hash. A hash is a one-way function that is takes an input and produces an output. It is very challenging (usually) to then take that output and return the original input. In this way, password hashes do not give attackers our original passwords. To do so would require an attacker to guess at all the possible passwords, compute the hashes, and then compare those hashes to a suspect hash. Wow! That would be a lot of work. Luckily, an open source program called John The Ripper can do that for us. Take a look at it in one of the labs and see if you can crack the next secret challenge. I've provided you a username and hashed password.
Advanced Section
Your First Buffer Overflow
Found a great article the other day written by Sebastian Wolfgarten on writing your 1st buffer overflow. You can read it here. Essentially, a buffer overflow attack takes advantage of poorly written code by overfilling a data buffer in an attempt to overwrite the EIP info register to make a program run some malicious shellcode. For examples of good shellcode, you may want to check out Milw0rm.org. Stay tuned for an Advanced Ultimate Hacker Challenge. We will provide you with a virtual\ machine, the source code, the address of the buffer and no root access. If you can get r00t, its worth some big ultimate hacker points. Look for the VM to come out the week of 31 August.
Bluetooth Hacks
Great video below from Josh Wright from willhackforsushi. He shows how a hacker might compromise someone's Bluetooth device. Take a look if you are interested.