What a long strange trip it has been….
Friday, March 18, 2011 at 2:52PM 1 year of InfoSec Blogging and Twitter.
I am sitting here listening to Dave @rel1k Kennedy speaking about SET on OSOC and I am reflecting how I got here…
Present day: I am successful in my career. Using the information I have learned in the past year, I carved out a niche in my role and helped create a global security group responsible for the InfoSec programs at my company. I am successful in my home life as well. I have a wonderful healthy baby boy who is the prize for living this life.
1 year ago: I was an auditor who tested using checklists. As a youth, I was big into computers and hacking but after high school I took a break and went the Finance route. I knew Security but it was only the tip of the iceberg. I did have a CISSP after all. As part of my work goals, I joined Toastmasters to enhance my public speaking. I did the first speech about my youth being a hacker/BBS user and I quoted this.
http://www.n00bz.net/blog/2011/1/27/the-conscience-of-a-hacker.html
The words were true today as they were when I first read them.
And then it happened... a door opened to a world... rushing through
the phone line like heroin through an addict's veins, an electronic pulse is
sent out, a refuge from the day-to-day incompetencies is sought... a board is
found.
"This is it... this is where I belong..."
I realized that I never left the security scene because InfoSec was in my blood and I was still me. At my core, I am a hacker. I had starved my hunger for new knowledge long enough. It was time to go where I belong….
South Florida ISSA
1 year ago today I attended a South Florida ISSA meeting that changed everything. I had attended them before. Several years ago I was a winner of the ISSA Hack the Flag and Chili Contest. I always had something going on and had stayed away for several years.
At the meeting, HackMiami was showing off several attacked including Wireless Attacks. I shared some techniques I used vs. what they were using to crack it just a little bit faster. After that, I went for some beers with the group. I had met Tim Krabec @tkrabec before and I sat by him. Tim introduced me to someone and they asked “what is my twitter name and did I have a blog?” I never went on twitter and I didn’t have a blog. A few beers later, I went home and got on the puter and registered a domain.
I had a blog and I went on Twitter.
n00bznet is born
I started a blog… It had some security things as well as a few fun things along with some pictures…
http://n00bz.net/blog/2010/3/29/nerd-porn.html
http://n00bz.net/blog/2010/3/28/google-ipo.html
http://n00bz.net/blog/2010/5/12/dui-in-the-making.html
I also had a few awesome videos.
http://n00bz.net/blog/2010/5/6/starwars-legos-awesome.html
http://n00bz.net/blog/2010/5/10/cloud-computing-killed-the-third-reich.html
During this time I gave my first presentation on Wifi (In)Security. It went very well and HackMiami asked me to present again.
The Pwn-Off
During this time, Rapid7 had released Metasploit Express and I got a demo copy of that along with Core Impact to bring to the ISSA Hack the Flag Challenge. Problem was the challenge had moved dates. (4 letter word here). I told Alex and Peter from HackMiami that we should have a pwn off and run the 2 tools against each other.
http://n00bz.net/blog/2010/6/3/core-impact-vs-rapid7-metasploit.html
http://n00bz.net/blog/2010/6/3/bring-me-your-tired-and-poor.html
http://n00bz.net/blog/2010/6/4/hackmiami-rumor-immunity-ready-to-rumble.html
http://n00bz.net/blog/2010/6/4/rumor-confirmed-immunity-is-coming-to-play.html
http://n00bz.net/blog/2010/6/4/hackmiami-canvas-vs-core-vs-metasploit.html
With 2 million packets going across the wire, the winner was Rapid7 and Metasploit Express.
http://www.n00bz.net/hackmiami-the-scorecard/
It was an amazing event and through this event we got to meet some great people.
Press F1 for pwn
A short time later, Tavis Ormandy released a bug in Microsoft HelpCenter. (CVE-2010-1885) This is a bug I would become very familiar with. The great debate was not over the bug, but disclosure policy. The 2 sides torn between how much long of a time do we need to let the vender try and fix/acknowledge the bug vs. just posting it out for all to see. Full vs. Ethical disclosure. Many people slammed Tavis. I soon learned his frustrations when alerting a vendor of a bug and being pushed aside.
http://n00bz.net/blog/2010/6/21/brad-spengler-gets-the-amen-award.html
This was patched my Microsoft in what was the last patch for XP SP2 and Windows 2000.
http://n00bz.net/blog/2010/7/6/patch-tuesday-windows-xp-help-and-support-center-exploit.html
http://n00bz.net/blog/2010/7/13/cve-2010-1885-1-month-later-better-then-7-years.html
Shortly after I was showing the help center bug when I discovered that my AV application told me it removed the threat and protected me. Oh yah, it also generated a meterpreter session.
http://n00bz.net/blog/2010/7/15/poc.html
I called up McAfee and they were awesome. "@DaveMarcus is the man."-@rodsoto! In fact, that needs to be said a few more time. @DaveMarcus is the man. @DaveMarcus is the man. @DaveMarcus is the man.
The Best News Ever
I also learned that a few months ago, I dropped a payload during a pentest and the exploited code had been run. My wife was carrying my son. This picture he looks like an alien but he is a lot better looking now :)
http://n00bz.net/blog/2010/7/23/say-hello-to-alexander.html
DEFCON
@jcran had been hyping up the Rapid7 party so I figured I would go. It happened that Blackhat/DEFCON were going on the same time so off to Las Vegas I went.
http://n00bz.net/blog/2010/7/29/defcon-day-1.html
http://n00bz.net/blog/2010/7/29/defcon-official-day-1.html
http://n00bz.net/blog/2010/7/30/core-impact-vs-metasploit-express-defcon.html
Coverage of Defcon fell off after that point…. A good time was had and so knowledge was learned by me. I met some amazing people. @digininja, the crew from Hak5, the guys from CCC, DCNYC, and DualCore!
I recommend anyone who likes security and even if you don’t, come to DEFCON.
I will be bringing 4 new people to their first DEFCON this year.
I am going to BlackHat/DEFCON again this year… now it is part of my job responsibility.
Metasploit Express/Pro Demos
With several updates, Metasploit Express gained new functionality and I had a good time exploring new uses for the tool.
http://n00bz.net/blog/2010/8/18/client-side-attacks-with-metasploit-express.html
This one had the awesome USB in the bathroom picture!
http://n00bz.net/blog/2010/9/15/social-engineering-using-metasploit-express.html
Using Metasploit Expres to pwn a Domain
http://n00bz.net/blog/2010/9/22/using-metasploit-express-to-own-a-domain.html
DLL Hijacking was announced.
http://n00bz.net/blog/2010/8/27/dll-hijacking-roundup.html
I even wrote up how to Hijack some DLL’s with Metasploit Express
http://n00bz.net/blog/2010/9/15/dll-hijacking-with-metasploit-express.html
Rapid7 also released a Professional version of Metasploit
http://www.n00bz.net/metasploit-pro/
http://n00bz.net/blog/2011/1/4/metasploit-pro-bypass-win-uac-ftw.html
Public Speaking
Over the past year I got to use my ToastMaster Skills doing some presentations.
I gave an awesome presentation on Buffer Overflows.
http://www.n00bz.net/blog/2010/9/7/hackmiami-buffer-overflow-slide-deck.html
I had the opportunity to speak at HackerHalted in Miami. Here I met some awesome people and also presented my CVE’s about AntiVirus detection after malicious files are executed.
http://www.n00bz.net/antivirus-cve/
McAfee was awesome in resolving this issue.
Some other vendors, not so much: http://n00bz.net/blog/2010/11/20/avfail-at-the-mall.html
http://n00bz.net/blog/2011/1/4/killing-av-when-it-just-will-not-die.html
Even some of the good venders slip up some times.
http://www.n00bz.net/blog/2011/1/5/virusscan_bypassrb-now-with-a-lame-security-bulletin.html
What am I doing now?
Lately I have been playing around with Metasploit 3.6 and using it to remove Malware
http://n00bz.net/blog/2011/3/8/metasploit-36-review.html
http://www.n00bz.net/blog/2011/3/11/using-metasploit-to-remove-malware.html
I have also been interested in the PS3:
http://www.n00bz.net/blog/2011/2/16/quick-ps3-backup-managers-tutorial-for-355-kmeaw-cfw.html
It should be noted: I do not own a Playstation 3/Any Sony Device. Suck it Sony.
I am working with my #HackMiami crew creating a test network infrastructure for a new CTF arena to host the Pwn-Off Part 2. Last time the Joes ran the tools... Lets see what happens when the Professionals run them!
Like many, I am working hard with my job and enjoying time with my family. At the end of the day, we do the best we can and make sure to take care of the things that really matter!
My Challenge to you
So 1 year later, I am reflecting on where I have been and I issue a challenge to all… Find someone new. Find someone who loves Computers and Security. Find someone who is a hacker; whether they know it or not J I want you to reach out to them. Share with them the “\/\The Conscience of a Hacker/\/” and watch their mind reboot and new ideas are formed. Challenge them to ask “Why?” and be there to help them discover the answers. Take them out to the desert for DEFCON or DerbyCon. Give them the taste and hunger for knowledge.
Reach out to them…. after all, we're all alike.
http://www.n00bz.net/blog/2011/1/27/the-conscience-of-a-hacker.html
Reader Comments (1)
I wanted to thank you for this post. I'm in a position where I'm just beginning my journey in the IT Security field, at the moment doing all of my security research myself (not company endorsed). Seeing how far you came in a years time has really driven me to re-evaluate my goals, and set my sights on where I'd like to be in a years time. I know it's going to take alot of time, effort, and stress, but I know in the end it will be worth it.