Sunday, November 29, 2009

IndySec Metasploit Unleashed Charity Event

What is the event?
In short, IndySec is hosting a community event based on the Metasploit Framework (MSF).

So, these guys, and a host of others, put this together as a way to raise money for Johnny's food program. Got it? Cool.

When is the event?
Saturday December 12th from 1:00 PM to 5:00 PM (with some social time afterward).

What do you get?
A sense of community, a networking opportunity, instruction from local security professionals, an attack lab, lunch, and you assist in Johnny's life-saving mission.

What is the donation amount?
$30.00. Yeah, take that training budget.

So who gets your money?
The Hackers for Charity Food Program. This is a relationship between you and Johnny's charity. IndySec does not touch your money; however, we would like the collective group to fill out the donation form in a similar way. More on this later.

Are we going to teach the entire class?
Nope. We would need two days to do it justice, so we will just hit some high spots over a Saturday afternoon.

Where is the event?
BlueLock on the world wide west side (of Indy).
6325 Morenci Trail, Indianapolis, IN
(Note, you must bring ID when you sign in to the facility. This is a BlueLock requirement.)

What should you bring?
A laptop with Backtrack or the MSF installed. Formal requirements now posted.

How do I register?
You can't anymore. We are at capacity and therefore registration is closed.

Want to learn more about Johnny's perspective?
Watch his 2009 Defcon presentation.
It's what got me thinking about doing a charity event - the talk blew my mind.

How can I help?
Email Steve. moore.steve (a t) gmail

My company wants to help provide X, Y, or Z. Who should they contact?
Again, email Steve. moore.steve (a t) gmail

Saturday, November 28, 2009

IndySploit Pre-req Checklist

The "formal requirements" as mentioned in the IndySploit Charity Event Announcement:

What should you bring?
  1. a laptop, complete with additional power source (power adapter, additional battery, solar panels, etc.) and functioning wireless NIC
    - primary network access will be via wireless access point
  2. your donation confirmation email (a hard copy will help expedite check-in at the event -- again, this is for some basic donation verification)
    - donation/registration how-to, in case you missed it
  3. the MetaSploit Framework (MSF), in the form of one of the following:
    1. installed on your laptop (or the VM from which you intend to perform your attacks)
      - MSF installer: http://www.metasploit.com/framework/download/ (v3.3 released 17 Nov 2009!)
    2. a BackTrack session, by either:
      1. booting your laptop (or a VM) from a live BackTrack CD/DVD, and then performing updates*
      2. installing BackTrack onto your laptop or a VM on your laptop, and then performing updates*
* Performing back|track 4 updates: "If you are using back|track 4 as your platform, you can always update to the latest version of the trunk by issuing a 'svn up' in the '/pentest/exploits/framework3/' directory."


What we will provide you:
  1. two (2) attack target systems per attendee -- one (1) Windows XP SP2 guest, and one (1) Ubuntu Server 7.04 guest, as described in the "Required Materials" section of the Metasploit Unleashed page
    - these attack target guests will:
    1. be housed on VMware hosts, so you need not host these on your laptop
    2. have the prescribed configurations made and packages installed
    3. be on the previously mentioned internal network
  2. DHCP address(es) on the internal network for your laptop/attack system
  3. internet access via the internal network
  4. the rest of the items mentioned in the charity event announcement (A sense of community, a networking opportunity, instruction from local security professionals, an attack lab, lunch, and you assist in Johnny's life-saving mission)


Additional notes:
  • Please have your attack machine functional/ready (tool kits, wireless networking, etc.) to go before arriving. This event focuses on using the Metasploit Framework (MSF)
  • This is not a switch/router/WAP attack session -- the gear involved in the attack lab is necessary infrastructure for everyone

Tuesday, November 24, 2009

Wednesday, November 18, 2009

IndySec is this week!

IndySec is this Thursday!

Time: 6:00 (11/19)
Location: The Broad Ripple Brewpub
842 E 65th St
Indianapolis, IN 46220

Just ask for the IndySec table. Email me if you plan to come so we can get the correct table size, please. moore.steve (a t) gmail

Monday, November 16, 2009

IndySec Metasploit Unleashed Charity Event Registration

What is the event?
See this page for more information.

How do I register for the event?
First, you need to donate $30 (or more) to Johnny's food program. This can be done in one of two places--the previous link or at the "Donate Here" page of the Metasploit Unleashed web site.

While not required, we would prefer that you use "http://indysec.blogspot.com" as the URL and "IndySec-YourFirstName" as your link text as shown below (click image for higher resolution):



Why put IndySec-YourFirstName in there? Because if you check out the "Donor Cloud" on the food program page, we can flood it with IndySec. Our original plan was to all use "IndySec" and make our name really big, but the Donor Cloud is not that advanced--it just updates the date and doesn't add up the donations. Boooo.

Anyway, clicking on the "Donate" button will take you to the following PayPal page. Simply log in or create a PayPal account to complete the transaction.



The confirmation page should look similar to this:



Next, click on the "View Printable Receipt" link which will present you with the following screen.



Print this page and take it with you to the event for your donation verification. Just save your PayPal email receipt in case you forget the printed confirmation.

After making your donation, please RSVP for the IndySec event by filling out the following form:

SORRY, REGISTRATION HAS BEEN CLOSED FOR THIS EVENT