Tonight I went to NEOISF meetup and witnessed three talks one after another.
Tyler Hudak(@secshoggoth) kickstarted the meetup with the intro to NEOISF and subsequently gave the mic to Dave Kennedy (@rel1k). Dave informed us about a few more updates to his Social Engineering Toolkit software and the new artillery tool that he is building. The stuff that Dave shows in his demonstrations are pretty neat, and this time was no exception.
After Dave finished, Tyler introduced the problem of Right to Left Override characters and the nuisance they are causing in some of the attacks he has found. Apparently operating systems display the RLO unicode character per design, but a malicious user can take advantage of this fact and fool a user into executing binaries. He demonstrated two common ways RLO characters are observed – in filenames and urls. This effort is still under test in different applications like chat clients, enterprise softwares, web sites too.
The group took a 15 minute break, during which I got to chat with Joshua Kelley (@winfang98) about his bread board that had a memory card reader attached to it. We chatted about how tablet and other mobile devices can be pen tested within the intranet or remotely. After the break, it was time to learn about HID devices that can emulate keyboard serially via USB. Teensy++ is one such device. Joshua also showed some teensy c++ code that would allow one to customize the name of the mounted device in operating system and talked about challenges involved in hacking on teensy along with arduino inorder to bypass autorun (he gave a hat tip to IronGeek as he initiated this discovery). He also has been writing a simple shell that you could interact with to do file transfers off of the memory disk.
In parting I learned of a hack for hunger event at Hurricane Labs on 12/14 at 6.30pm that will be taking place, which I might be interested in checking out. Entry is either $20 cash or 5 food items.
Soon, you can find the video of the above 1dave1cup.com