Flags Obtained this Month

Top Page
Attachments:
Message as email
+ (text/plain)
+ (text/html)
+ (text/plain)
Delete this message
Reply to this message
Author: Lisa Kachold
Date:  
To: Main PLUG discussion list, PLUG Linux Security Team
Subject: Flags Obtained this Month
We had a few flags at the the Hackfest last Saturday, obtained while we
were providing a fairly complex presentation on Spoofing.

Pentester/hacker: John Peters (19 years old) [he signed his work:]
Flag/target: http://12.159.65.86/

We also had four people obtain the wireless password (configured as
"password)" for WPA2. Unfortunately, the AP was not plugged into upstream,
so while you could get a dhcp address, you could not get "internet".
Additionally, the firmware image had been hacked and replaced by someone
who did not claim their flag (which often happens at hackfests). The
creative trick here was accessing the wireless router via management
interface using the default password (which was done).

October Spoofing Presentation:
http://it-clowns.com/c/files/drawer/SPOOFING-be_afraid_very_afraid.odp

See you in November for a presentation by David Demland (and a ton more
flags).
--
(503) 754-4452 Android
(623) 239-3392 Skype
(623) 688-3392 Google Voice
Chief Clown
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss