Team: X

March 23, 2019 Meeting Agenda:

  1. First and foremost we’re in this to have fun and go deep on learning stuff that makes us more valuable in the workforce, even for an old fart like me. When it stops being fun, please let me know.
  2. Team Name – everyone brings three suggestions to the next meeting then we’ll do a quick vote.
  3. Backchannel communications – FFX Slack channel ok? We need something that can be in a window during all types of competitions so we can cut/paste stuff back and forth to each other. Use ‘apt-get install ./slack-desktop-3.3.8-amd64.deb’ then it’s up to you hackers…
  4. Periodic communications – GoToMeeting every other week; at every other meeting, someone teaches the other two his latest skills.
  5. Specialization – we need to perform like a special operations team. Each of us needs an area of specialization; the others then need to be familiar enough with the basics of other members’ areas to cover in the event that becomes a focus. Scott will take networks and networking. I’d suggest Ian consider focusing on web vulnerabilities and web servers: Apache, Nginx, and IIS. Chris focuses on code and programming vulnerabilities, e.g. injection attacks, buffer overflows, and permission escalation. We should have a fourth willing to focus on Windows exploits, and I’ll move to pick up Linux system vulnerabilities. THESE ARE ONLY SUGGESTIONS. This does not mean that if Ian specializes in web servers he shouldn’t also be learning the basics about Linux and networking exploits, as those WILL become necessary once he breaks through the web server.
  6. Keep your tools sharp – update Kali regularly, learn new tools in your specialty, and go deep. Also, become familiar with the tools recommended by others in the group so you can back them up.
  7. Events & timing – We need to select the events we want to participate in this year and plan months ahead to ensure we’re ready. We should also get together at least once several weeks prior to each event to do a dry run, recognize our weaknesses and have time to overcome them through personal education.
    1. CarolinaCon – April 27-28 $40 in Charlotte
    2. Cackalackycon – May 31-June 2 in Chapel Hill
    3. BSides Asheville – June 22-23 in Asheville
    4. BSides Raleigh – October TBD
  8. Publishing – As we learn stuff, uncover new tools, etc., we should document this so we can share it with each other, and eventually on this or another website. Use notepad, track useful URLs. Initially, I can pull this all together, but over time I should hand this off to one or both of you. This is about building our professional reputations in the area of penetration testing. Also, something to beef up our LinkedIn profiles and to demonstrate to prospective employers or contract consulting customers that we in fact have the skills we claim to have.
  9. Sources for online competitions – please bring one you’ve found to the next call. We should be looking into which ones we can do together, and which we should be using solo to sharpen skills. May also want to dump them into categories if they apply:

Something I just picked up that is worth noting for VMs: while it uses a specific example below, you may stumble into this problem as we start various competitions. You may fail to connect via SSH with a “broken pipe” error when the network adapter for the VM is configured to use NAT mode. Adding the setting IPQoS throughput to /etc/ssh/ssh_config should resolve the issue. If this does not solve your issue, the only option then is to change the adapter to Bridged mode.
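
One way to apply the IPQoS setting described above so it actually takes effect, as an added example that is not part of the original post. The function names ensure_ipqos and make_sample_cfg and the sample config contents are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. ssh_config(5) keeps the FIRST value it obtains for an option,
# so the line goes at the top of the file, ahead of any Include/Host/Match.
# Note: ~/.ssh/config is read before the system file and takes precedence.

# Write a constructed sample client config (not a real system file) to $1.
make_sample_cfg() {
    cat > "$1" <<'EOF'
# constructed sample, modelled on a stock client config
Include /etc/ssh/ssh_config.d/*.conf

Host *
    SendEnv LANG LC_*
    IPQoS lowdelay
EOF
}

# Idempotently make "IPQoS throughput" the first active line of config $1.
# Returns 0 on success or if already set, 2 if the file does not exist.
ensure_ipqos() {
    cfg="${1:-/etc/ssh/ssh_config}"
    [ -f "$cfg" ] || { echo "no such file: $cfg" >&2; return 2; }

    # First active line = first line that is neither blank nor a comment.
    first=$(grep -vE '^[[:space:]]*(#|$)' "$cfg" | head -n 1)
    if printf '%s\n' "$first" |
        grep -qiE '^[[:space:]]*IPQoS[[:space:]=]+throughput[[:space:]]*$'; then
        return 0                      # already in effect, leave file untouched
    fi

    cp -p "$cfg" "$cfg.bak" || return 1   # keep a copy to roll back to
    tmp=$(mktemp) || return 1
    # Rewrite in place (cat > file) so owner and mode of the config survive.
    { printf 'IPQoS throughput\n'; cat "$cfg"; } > "$tmp" && cat "$tmp" > "$cfg"
    rc=$?
    rm -f "$tmp"
    return "$rc"
}
```

Run ensure_ipqos /etc/ssh/ssh_config as root inside the VM you connect from; afterwards "ssh -G <host> | grep -i ipqos" prints the value ssh will use for that host.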