LAN Switch Security: What Hackers Know About Your Switches

Review by Chris Gates, CISSP, GCIH, C|EH, CPTS

In addition to his regular column, Chris Gates does some great work on EH-Net including participating in our growing forums as well as doing various book reviews. He is back with a quick look at a recently released security title by Cisco Press that Chris describes as, "Should be required reading for Pentesters.” So let's begin his review...

LAN Switch Security: What Hackers Know About Your Switches provides enough information to leverage the most common layer 2 attacks a pentester would be interested in: MAC Flooding, VLAN Hopping, DTP attacks, and CDP Snarfing, along with plenty of switching protocol details for the Cisco ninja wannabe.

Free Sample Chapter Available Below - "Attacking the Spanning Tree Protocol"

Ed Skoudis and the Pen Testing Factory
“Inside this [class]room, all of my dreams become realities; and some of my realities become dreams.”

Student: Ed Skoudis's opening his factory. He's gonna let people in!
Teacher: You sure?
Student: It's all over the net, and he's giving truckloads of ethical hacking secrets away.
Teacher: Class dismissed.
Student: No, no. The first one's only for 25 people.
Teacher: Class undismissed.
Student: He's making available 25 golden tickets, and the people who buy them will win the big prize.
Teacher: Where's he hidden the tickets?
Student: They’re not really hidden. They’re inside SANS Events. You have to buy SANS courses to get them.
Teacher: Class re-dismissed.

The terms “Ethical Hacking” and “Ethical Hacker” have now become accepted industry terms. But many companies and government agencies were hesitant to support a credential with the word “hacker” in it. There have been many factors leading to the acceptance of ethical hacking such as:

* Regulations such as HIPAA, SOX, GLBA and numerous others.
* PCI DSS Section 11 and its clarification differentiating penetration testing from vulnerability assessment.
* Many courses and certifications using the term in their titles and official descriptions.
* Cisco Press, the Dummies Series and a plethora of book titles are beginning to use the positive connotation of the word hacking. Even Webster’s New World Dictionary has an edition specifically dedicated to hacking.
* A groundswell of professionals using the phrase and showing great interest in this new and maturing field.

Now add to this grass roots movement, a push by one of the most respected names in security training, SANS. The SANS Institute has long been known as a big player in the government sector. And one of its heavy hitters, who has even testified in front of Congress, Ed Skoudis, is the author of a new course with the exact phrase in its title. All of this validates what many of us had hoped for years. Hacking for a living is now a respected profession.

Interview: SANS Pen Test Summit Part 3 - HD Moore

The SANS WhatWorks in Penetration Testing & Ethical Hacking Summit with Ed Skoudis brings together a number of authors, researchers, and actual practitioners of pen testing. The summit will not only give a view as to where we stand as a community right now but also where we are headed in the future. Joining Ed will be a number of celebrated hackers (the positive connotation of the term) including Google Hacking Expert, Johnny Long, and the man behind the Metasploit Project, HD Moore.

I once had a conversation with Ed Skoudis regarding career choices and advice. He indicated that he often gets asked how others can have a career like his. Barring the inevitable warnings of "careful what you wish for," he graciously shared a story with me. In short, he and a number of other friends in the industry sat down for dinner to answer the same question that others now put to Ed. "Hey. I want to do what that guy does. How do we do it?" This special set of interviews will give you a brief glimpse into what will be explored at the summit itself as well as a look into how these gentlemen "Did it." Each of these three superstars agreed to answer a few questions to help you with your career. Here we go!

Part 1 - Ed Skoudis | Part 2 - Johnny Long | Part 3 - HD Moore

Interview: SANS Pen Test Summit Part 2 - Johnny Long

The SANS WhatWorks in Penetration Testing & Ethical Hacking Summit with Ed Skoudis brings together a number of authors, researchers, and actual practitioners of pen testing. The summit will not only give a view as to where we stand as a community right now but also where we are headed in the future. Joining Ed will be a number of celebrated hackers (the positive connotation of the term) including Google Hacking Expert, Johnny Long, and the man behind the Metasploit Project, HD Moore.

I once had a conversation with Ed Skoudis regarding career choices and advice. He indicated that he often gets asked how others can have a career like his. Barring the inevitable warnings of "careful what you wish for," he graciously shared a story with me. In short, he and a number of other friends in the industry sat down for dinner to answer the same question that others now put to Ed. "Hey. I want to do what that guy does. How do we do it?" This special set of interviews will give you a brief glimpse into what will be explored at the summit itself as well as a look into how these gentlemen "Did it." Each of these three superstars will be asked the same three questions followed by additional questions specifically focused for that individual. Here we go!

Part 1 - Ed Skoudis | Part 2 - Johnny Long | Part 3 - HD Moore

Interview: SANS Pen Test Summit Part 1 - Ed Skoudis

The field of penetration testing, or ethical hacking as it is commonly described, is one of the fastest growing areas in the realm of Information Security. Whether that is attributable to the growing number of regulations such as HIPAA, SOX, GLBA et al or perhaps it is the fact that many hackers have grown up and now have families to support. Or just maybe it is the real fear today that many organizations are garnering more press attention for recent data theft incidents as opposed to their products. No matter how you look at it, penetration testing is becoming a maturing and legitimate profession.

Ed Skoudis of Intelguardians has been an author, instructor and professional penetration tester for the better part of 15 years. The SANS Institute has been a highly regarded organization extolling the virtues of security education, certification and research for quite some time as well. Together they have put together a summit specifically dealing with penetration testing as a profession. The SANS WhatWorks in Penetration Testing & Ethical Hacking Summit with Ed Skoudis brings together a number of authors, researchers, and actual practitioners of pen testing. The summit will not only give a view as to where we stand as a community right now but also where we are headed in the future. Joining Ed will be a number of celebrated hackers (the positive connotation of the term) including Google Hacking Expert, Johnny Long, and the man behind the Metasploit Project, HD Moore.

I once had a conversation with Ed Skoudis regarding career choices and advice. He indicated that he often gets asked how others can have a career like his. Barring the inevitable warnings of "careful what you wish for," he graciously shared a story with me. In short, he and a number of other friends in the industry sat down for dinner to answer the same question that others now put to Ed. "Hey. I want to do what that guy does. How do we do it?" This special set of interviews will give you a brief glimpse into what will be explored at the summit itself as well as a look into how these gentlemen "Did it." Each of these three superstars will be asked the same three questions followed by additional questions specifically focused for that individual. Here we go!

Interview: EC-Council Offers Details and Insights on CEH v6

The latest version of the Certified Ethical Hacker (CEH) Courseware is due to be released and presented for the first time at Hacker Halted USA 2008 in June. Many small details of CEH Version 6 have been peppered on the Internet, as well as snippets of teaser copy on EC-Council’s own web site.

“With a total of 28 new and never seen before modules, covering the latest concepts, featuring more real life cases, and showcasing the latest hacking and security tools, the Certified Ethical Hacker (Version 6) will be the most advanced course ever.”

So I requested an interview with EC-Council to see if we could get confirmation as well as clarification. The questions are compiled from my own list as well as some others that were suggested by readers of The Ethical Hacker Network (EH-Net). EC-Council replied in a very timely manner with answers from both Haja Mohideen, co-founder of EC-Council, and Chuck Swanson, the instructor scheduled to teach the very first v6 offering of the course.

Video: Man-in-the-Middle Attack on MySpace with Cain

By Brian Wilson, CISSP, CCNA, CCSE, CCAI, MCP, Network+, Security+, JNCIA

Last year at ChicagoCon 2007, Brian Wilson gave a great talk entitled "Cain & Abel: Windows Can Hack, Too!" Although the presentation and audio recording of the talk can be downloaded from the ChicagoCon site at Library > Media Lab > 2007 Evening Presentation Files, I had totally forgotten to publish his videos. Just in case things didn't go as planned during the live event or his laptop crapped out on him, Brian made a video of the MITM attack he demonstrated using Cain. They made it on the DVD passed out to the attendees, but unfortunately not in his column... until now!

Although we often talk about this incredibly versatile tool here on EH-Net, for the uninitiated...

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols.

It Happened One Friday

Overview: Hello, challenge fans. Matt Carpenter and I have brewed up a new one for your analysis. The evidence is below. Analyze it and answer our questions. As always, we'll choose three winners: one technical champ, one creative victor whose answer is technically correct, and one lucky person chosen at random. As you work through this challenge, please observe this very important warning! As they say on TV, DO NOT TRY THIS AT HOME. We'll go even further by saying, DO NOT TRY IT AT WORK EITHER. The commands included in this challenge are _highly_ destructive, and some of them are hardware specific. They will hose a machine badly. If you insist on testing the commands, at least use a strongly virtualized environment that isolates virtual hardware from physical hardware, and set a snapshot before each command so that you can revert to a pristine state. We wrote the challenge using VMware Workstation, and did not suffer damage to our underlying hosts. However, we cannot guarantee that your VMware experience will match our own. In other words, to borrow from the TV vernacular yet again, YOUR MILEAGE MAY VARY. Furthermore, some so-called "virtualized environments" other than VMware are merely emulators that do not isolate hardware well, nor do they support snapshots. The commands below could damage such environments, so be very careful. You have been warned!

If you can’t answer this challenge 100%, still send something in to qualify as a random winner. This month’s prize is my book, Malware: Fighting Malicious Code, which I authored with Lenny Zeltser. Each winner gets a signed copy.

--Ed Skoudis, Intelguardians
Author, Counter Hack Reloaded

Intro to XPath Injection

By Chris Gates, CISSP, CPTS, CEH

WTF is XPath Injection? Data can be stored in an XML file instead of an SQL database. To sort through complex XML documents, developers created the XPath language.

http://www.w3.org/TR/xpath

 

XPath is a query language for XML documents, much like SQL is a query language for databases. Instead of tables, columns, and rows, XML files have nodes in a tree. And like SQL, XPath also has the potential for injection issues if queries are not properly sanitized.

 

Why is XPath Injection so dangerous?
  • XPath 1.0 is a standard language. SQL has many dialects all based on a common, relatively weak syntax.
  • XPath 1.0 allows one to query all items of the database (XML objects). In some SQL dialects, it is impossible to query for some objects of the database using an SQL SELECT query (e.g. MySQL does not provide a table of tables).
  • XPath 1.0 has no access control for the database, while in SQL, some parts of the database may be inaccessible due to lack of privileges to the application.

© 2010 The Ethical Hacker Network