CySec – Cyber Security Challenge

What is Cysec and why did I go?

A few weeks ago I was invited to Cysec by a friend that is studying at Adelaide University. Cysec is a new initiative by some Adelaide Uni graduates to boost the skill set of the students at the university and encourage entry to events in computer security and science.

I’ve always been interested in computer security but never really knew where or how to start. I’d heard of sites like Hack This Site and VulnHub; I’d visited them and quickly turned away, not for any other reason except that I just couldn’t be bothered at that time. Cysec seemed like a good chance for me to learn something about computer science and security surrounded by a bunch of smart people with experience.

Requirements

Cysec had pretty minimal requirements, the first being a Kali Linux VM. Kali is a pentesting flavour of Debian that comes with a whole bunch of pre-installed software designed to carry out effective penetration testing and attacks on computer systems. The next requirement was an Adelaide Uni login to access materials but luckily I was able to use the account of another participant, which gave me access to all the problem sets.

Day One

The program started at 8am and was held at Adelaide University campus in the city. The first activity for the day was Assembly Attacks. This involved decompiling two Java programs and using a variety of tools, both ones provided in Kali Linux and ones that we had to find ourselves.

The program was very self-directed and luckily I was near people who were able to give me a hand when I got stuck and at some points work in a team with other participants.

The setting of the first program we had to hack had a password hardcoded into it. To do this, we decompiled the Java program, found the flag in the program and were able to run another program on the command line that finally gave us the account password.

The next challenge involved using Cross-Site Scripting (XSS) to attack a blog website. I’ve done some XSS attacks in the past but never in great detail. The first aspect of solving this challenge involved figuring out where the XSS was. The blog had a few posts and the ability to comment on them. The vulnerability was in the comment form and gave us the ability to run arbitrary JavaScript.

We were tasked with finding the password stored in Bob’s (site owner) PHP Session. To get the password we needed to wait for Bob to access our web page and for his browser to show its cookie. The answer to this challenge was to run some hidden JavaScript on the page and when Bob came past the page his browser would show its cookie and we would be able to log it on another page. After we got his session we were able to replace ours with his and access the administration functions of the site.
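
As an added example (not code from the original post or from the challenge site), the JavaScript below shows the defender's side of this scenario: encoding comment text on output so it is displayed rather than parsed, and checking whether a session cookie can be read by page script. The function names and the sample comment and header values are constructed for illustration.

```javascript
// Added example: defensive checks for the stored-XSS / session-cookie scenario.
// escapeHtml, renderComment and auditSessionCookie are hypothetical names.

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode user-supplied text for HTML element content or a quoted attribute value.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Render a comment so that markup typed by a visitor is shown as text, not parsed.
function renderComment(author, body) {
  return `<div class="comment"><b>${escapeHtml(author)}</b><p>${escapeHtml(body)}</p></div>`;
}

// Inspect one Set-Cookie header value and list the protections it does not set.
function auditSessionCookie(setCookie) {
  const [pair, ...attrs] = setCookie.split(';').map((s) => s.trim());
  const name = pair.split('=')[0];
  const flags = new Set(attrs.map((a) => a.split('=')[0].toLowerCase()));
  const missing = [];
  if (!flags.has('httponly')) missing.push('HttpOnly'); // page script can read the cookie
  if (!flags.has('secure')) missing.push('Secure');     // cookie may travel over plain HTTP
  if (!flags.has('samesite')) missing.push('SameSite'); // no explicit cross-site policy
  return { name, missing };
}

// Constructed sample input, not taken from the challenge site.
const sampleComment = '<script>alert(1)</script>';
const weakHeader = 'PHPSESSID=abc123; path=/';
const hardenedHeader = 'PHPSESSID=abc123; path=/; HttpOnly; Secure; SameSite=Lax';

console.log(renderComment('visitor', sampleComment));
console.log(auditSessionCookie(weakHeader));
console.log(auditSessionCookie(hardenedHeader));
```

With HttpOnly set, the session cookie is no longer exposed to script running in the page, and with output encoding the comment form no longer lets a visitor's markup execute in another reader's browser.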

Day Two

Day 2 started at the same place and time. The day’s challenges included decrypting an image and using SQL injection on a site. I have very little experience with image encryption and was very lost with this challenge. I gave it a go and could find the problem and what needed to be solved but I struggled with solving it and was unable to complete it before the session was over. The image used AES-ECB encryption.

The second challenge for the day I was a bit more familiar with. SQL Injection is something all web developers will come across at some point and I know in the past I’ve written insecure sites that, if the wrong (right?) person had come across them, could have leaked some, if not all, of the project’s data. This challenge featured the blog we had used the XSS exploit on previously. Our hypothetical site owner, Bob, had given us admin access to his site and wanted to see if we could capture another flag and find a problem in his code. The SQLi challenge answer ended up confusing me quite a bit. The answer involved using MySQL to dump files from the file system using LOAD_FILE, which I wasn’t sure anyone ran on their servers anymore. It makes sense as a possible answer but I felt it was somewhat unrealistic.

Conclusion

Cysec was a lot of fun and I learnt a lot and was able to take away some great information that I can use to test my knowledge in the future. I’ve also now got the tools to use resources like Hack This Site and VulnHub so I can continue learning in the future. Since then I’ve created a Kali VM at work and at home. I’ve also recently purchased a Raspberry Pi and I’m looking to install Kali for the option of security auditing while on the go. Cysec has also given me more knowledge on how to go back and test my own projects to make sure they’re secure from vulnerabilities. Attending events like this makes me want to further my skills a lot more into the world of computer science and I’ve started looking at Computer Science degrees at the universities around Adelaide that I could start next year.

About Nick

Melbourne based web developer that loves building front-end systems with anything from vanilla JS to React. Infosec student and active learner.
