Dear followers, I’ve got a new URL and a brilliant new design at blogspot instead. The platform fits me better and I’ve transferred some of the old blog posts. From now on I’ll step up in quality, both in content and in design.
My Customed Linux Image
In the last 24 hours, I’ve begun to craft my own Linux image. I will NOT release or publish it anywhere because it’s a personal project. Like Backtrack, it has a security orientation.
The tools will be selected mainly from these 4 distributions:
- Backtrack
- Backbox
- Helix
- SANS SIFT
But tools may come from other sources as well, for instance DEFCON and/or other conferences.
Picture from the first, upcoming ALPHA:
Here is a smaller part of my software documentation:
Information Gathering: Blind Elephant
Description: The BlindElephant Web Application Fingerprinter attempts to discover the version of a (known) web application by comparing static files at known locations against precomputed hashes for versions of those files in all available releases. The technique is fast, low-bandwidth, non-invasive, generic, and highly automatable.
Link: http://blindelephant.sourceforge.net
Source: DEFCON/Backtrack
Description: SSLStrip is a Man-In-The-Middle tool with the ability to gain access to websites or applications based on the SSL or HTTP protocol.
Link: http://www.backtrack-linux.org
Source: Backtrack
Exploration: ExploitDB
Description: Find your exploits.
Link: http://www.backtrack-linux.org
Source: Backtrack
Wireless Analysis: Gerix WiFi-Cracker
Description: A WiFi-cracking GUI from later releases of the Backtrack distribution.
Link: http://www.backtrack-linux.org
Source: Backtrack
Description: aimage can create files in raw, AFF, AFD, or AFM formats. AFF and AFD formats can be compressed or uncompressed. aimage can optionally compress and calculate MD5 or SHA-1 hash digests while the data is being copied.
Link: http://www.sans.org
Source: SANS SIFT
Description: dc3dd is a patched version of GNU dd with added features for computer forensics.
Link: http://www.sans.org
Source: SANS SIFT
Description: dcfldd is an enhanced version of dd developed by the U.S. Department of Defense Computer Forensics Lab.
Link: http://www.sans.org
Source: SANS SIFT
Forensic Analysis: ewfacquire
Description: creates EWF (E01) file format images.
Link: http://www.sans.org
Source: SANS SIFT
Forensic Analysis: ddrescue
Description: ddrescue is a raw disk imaging tool that “copies data from one file or block device to another, trying hard to rescue data in case of read errors.” The application is developed as part of the GNU project and was written with UNIX/Linux in mind.
Link: http://www.sans.org
Source: SANS SIFT
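The imaging tools above (aimage, dc3dd, dcfldd, ddrescue) share one idea: copy a source block by block, hash the bytes as they go past, and keep the image's offsets intact even when a block cannot be read. The following is an added example illustrating that behaviour in Python; it is not code from any of those tools or from SANS SIFT. `FlakySource`, `acquire`, `verify_image` and the 25,600-byte sample with a simulated unreadable block at offset 8192 are all constructed for the example.

```python
import hashlib
import os
import tempfile

BLOCK_SIZE = 4096


class FlakySource:
    """Constructed stand-in for a disk with one unreadable region: serves `data`
    like a file, but raises OSError for any read that touches `bad_offset`."""

    def __init__(self, data, bad_offset=None):
        self.data = data
        self.bad_offset = bad_offset
        self.pos = 0

    def seek(self, pos):
        self.pos = pos

    def read(self, n):
        if self.bad_offset is not None and self.pos <= self.bad_offset < self.pos + n:
            raise OSError("simulated I/O error")  # the "bad sector"
        chunk = self.data[self.pos:self.pos + n]
        self.pos += len(chunk)
        return chunk


def acquire(src, dst, size, block_size=BLOCK_SIZE):
    """Copy `size` bytes from src to dst block by block, hashing what is written.
    A block that fails to read is replaced with zeros and its offset logged, so
    the image keeps its layout (the dc3dd/ddrescue behaviour described above)."""
    md5, sha1 = hashlib.md5(), hashlib.sha1()
    bad_blocks = []
    offset = 0
    while offset < size:
        want = min(block_size, size - offset)
        try:
            src.seek(offset)
            chunk = src.read(want)
        except OSError:
            bad_blocks.append(offset)
            chunk = b"\x00" * want  # zero-fill keeps later offsets aligned
        if not chunk:
            break  # short source; stop rather than loop forever
        dst.write(chunk)
        md5.update(chunk)
        sha1.update(chunk)
        offset += len(chunk)
    return {"bytes": offset, "md5": md5.hexdigest(),
            "sha1": sha1.hexdigest(), "bad_blocks": bad_blocks}


def sha1_of(data):
    return hashlib.sha1(data).hexdigest()


def verify_image(path, expected_sha1):
    """Re-hash the written image independently and compare with the acquisition hash."""
    h = hashlib.sha1()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(BLOCK_SIZE), b""):
            h.update(chunk)
    return h.hexdigest() == expected_sha1


def run_demo():
    """Image a constructed 25,600-byte source whose third block is unreadable."""
    original = bytes(range(256)) * 100
    src = FlakySource(original, bad_offset=8192)
    fd, path = tempfile.mkstemp(suffix=".dd")
    os.close(fd)
    try:
        with open(path, "wb") as dst:
            result = acquire(src, dst, size=len(original))
        with open(path, "rb") as f:
            image = f.read()
        verified = verify_image(path, result["sha1"])
    finally:
        os.unlink(path)
    return {"result": result, "image": image, "original": original, "verified": verified}


if __name__ == "__main__":
    d = run_demo()
    print("bytes copied :", d["result"]["bytes"])
    print("bad blocks at:", d["result"]["bad_blocks"])
    print("md5          :", d["result"]["md5"])
    print("sha1         :", d["result"]["sha1"])
    print("verified     :", d["verified"])
```

The point of hashing during the copy rather than afterwards is that the digest documents exactly what was written, zero-filled gaps included; the separate `verify_image` pass is what you would record in the case notes to show the image has not changed since acquisition.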
Forensic Analysis: Missidentify
Description: finds executable files without an executable extension.
Link: http://www.sans.org
Source: SANS SIFT
Forensic Analysis: Vinetto
Description: parses Thumbs.db files.
Link: http://www.sans.org
Source: SANS SIFT
Thesis: Some updates
Now I’m back after being quite busy. I first wanted to do my thesis at FOI, but plans have changed. The reason was that FOI had no interest in me and my field at the moment.
This doesn’t matter, because at the same time as they declined, I had been in touch with other companies (primarily IBM and Ericsson) and organizations.
I’m carrying through a decision at FMV (Defence Administration). Anyway, FMV may well be a better qualification. My field will still be “cloud security”. To keep a professional approach, I will not mention anything more about my thesis here or anywhere else on the web.
Forensic Laboratory
In digital and cyber forensics the students get access to the CS2 laboratory. The CS2 lab, or the “Cyber Systems Security Laboratory”, is the place for forensic courses and research. These laboratories have quite fancy equipment like the EnCase suite, FTK and physical hardware like the “Image MASSter Solo 4”.
The physical tool works and looks like this:
At the moment I’m working together with my group on fictitious cases. It’s quite fun and I even take some optional “challenges” in my spare time. The first challenge was to recognize modified file extensions. The files’ headers had been manipulated, so I used open-source tools like DROID and a hex editor.
DROID is in this list. I used UltraEdit as a hex editor. In my opinion it’s absolutely the best text and hex editor I know of on the market. There remain 7 other challenges to complete, some other labs and quizzes, so I’ll keep you updated with what I’m doing.
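Both the Missidentify entry above (executables without an executable extension) and this first challenge (files whose extension no longer matches their content) come down to the same check: read the first bytes of a file, match them against known magic numbers, and compare the detected type with what the extension claims. The following is an added example of that check in Python; it is not DROID, Missidentify or anything from the course. The signature table, the `EXPECTED_EXT` map and the sample files are constructed for the example and cover only a handful of formats.

```python
import os

# Magic numbers at offset 0 for a few common formats (constructed, not exhaustive).
SIGNATURES = [
    (b"MZ", "pe"),                      # Windows PE / DOS executable
    (b"\x7fELF", "elf"),                # Linux/Unix ELF executable
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"\xff\xd8\xff", "jpeg"),
    (b"%PDF-", "pdf"),
    (b"PK\x03\x04", "zip"),             # also docx/xlsx/jar/apk containers
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
]

# Extensions considered consistent with each detected type (assumption for the example).
EXPECTED_EXT = {
    "pe": {".exe", ".dll", ".sys", ".scr", ".com"},
    "elf": {"", ".so", ".o", ".bin"},
    "png": {".png"},
    "jpeg": {".jpg", ".jpeg"},
    "pdf": {".pdf"},
    "zip": {".zip", ".docx", ".xlsx", ".pptx", ".jar", ".apk"},
    "gif": {".gif"},
}
EXECUTABLE_TYPES = {"pe", "elf"}


def identify(header):
    """Return the format whose magic number the header starts with, or None."""
    for magic, kind in SIGNATURES:
        if header.startswith(magic):
            return kind
    return None


def check_file(name, header):
    """Compare detected type with the extension; flag mismatches and hidden executables."""
    kind = identify(header)
    ext = os.path.splitext(name)[1].lower()
    mismatch = kind is not None and ext not in EXPECTED_EXT[kind]
    return {
        "name": name,
        "type": kind,
        "mismatch": mismatch,
        # the Missidentify case: executable content behind a non-executable extension
        "hidden_executable": mismatch and kind in EXECUTABLE_TYPES,
    }


def scan(files):
    """files: mapping name -> bytes. On a real case you would open each path and
    read its first 16 bytes instead of holding content in memory."""
    return [check_file(name, data[:16]) for name, data in files.items()]


def flagged(files):
    """Names of files whose extension does not match their magic number."""
    return [r["name"] for r in scan(files) if r["mismatch"]]


# Constructed sample set (headers only; the rest of each file is irrelevant here).
SAMPLES = {
    "setup.exe": b"MZ\x90\x00\x03\x00\x00\x00" + b"\x00" * 8,     # genuine executable
    "holiday.jpg": b"MZ\x90\x00\x03\x00\x00\x00" + b"\x00" * 8,   # executable renamed to .jpg
    "logo.png": b"\xff\xd8\xff\xe0\x00\x10JFIF\x00",               # JPEG content, PNG extension
    "invoice.pdf": b"%PDF-1.4\n%\xe2\xe3\xcf\xd3\n",               # consistent
    "readme.txt": b"Plain text, no magic number here",             # unknown type, not flagged
}


if __name__ == "__main__":
    for r in scan(SAMPLES):
        flag = "HIDDEN EXECUTABLE" if r["hidden_executable"] else ("mismatch" if r["mismatch"] else "ok")
        print(f"{r['name']:<14} {str(r['type']):<6} {flag}")
```

A manipulated header defeats this check by design (that is exactly what the challenge files did), so a mismatch list is a starting point for the hex editor, not a verdict; an unknown type is reported as `None` rather than guessed.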
Challenges in Information Politics
Information politics is another field I’d like to know a little bit more about. From now on I’m a member of MP (the Swedish party, Miljöpartiet) and will soon join their network for information politics.
My idea behind the decision is to have another activity in my spare time. At the same time it’s another opportunity (if it brings success) to have something relevant on my CV. My final goal is to get a high position like being the minister of IT. But that is just a dream today.
My other field in MP is humanism, but I don’t feel it’s relevant for this blog. From now on there will be some political posts about IT. I will try to take a somewhat more serious direction than both PP, the Pirate Party, and the Swedish Anti-Piracy Bureau.
I don’t want to do partisan politics. Good politics is politics that makes the best possible effort for the people, regardless of social class or gender. I think the war over piracy is just about “me, me and me”. We have to look outside that box. If we’re going to solve the problem, both parties have to make concessions.
New Courses
The list of courses this term has been changed. I’m taking these courses instead:
- Project Management
- Strategic management of IT
- Digital Forensics
- Cyber Forensics
University Courses
This term at the Stockholm University my chosen courses are these:
- Challenges and Solutions in Global IT I
- Information Security, Organisation and Leadership
- Organisational Projects in Information Security
- Digital Forensics
- Project Management
It’s a total of 37.5 registered credits. At the moment I’m completing the first assignment in Project Management. Project Management is based on an online distance-learning platform, so I can complete it whenever I want to, but it’ll be as soon as possible.
In the first period (A) of the term I’ll complete the Global IT course and the Forensics course. In the second period of the term (B), the last 2 courses.
I’ll also complete another 2 exams that I’ve missed before. So there’s still a lot of stuff to do. BUT, I’ll not write my thesis before the summer because my classmate dropped out. So I have to find another one. FOI will have to wait…
