Video Tutorials on Hacking and Security

[Vivek Ramachandran]

Hello All,

I will be posting all the latest videos I publish on SecurityTube.net here.

Please reply to individual video posts to leave behind your comments about them.

Comments and feedback are welcome!

Thanks,

Vivek

[Vivek Ramachandran]

Bytecode Injection into a Running Process using Ptrace()

BlackLight demonstrates how to modify the flow of a running process by injecting an arbitrary code into its EIP register under a Linux environment, using ptrace() system call.

http://securitytube.net/Bytecode-Injection...ce()-video.aspx

[Vivek Ramachandran]

Remote Command Execution on a web server through a reverse shell invoked by a RFI vulnerable script

Great video by BlackLight from http://blacklight.gotdns.org

http://securitytube.net/Remote-Command-Exe...ript-video.aspx

[Vivek Ramachandran]

PHP Shell Injection on a Website through Log Poisoning

Many web administrators save the logs of their accesses on a PHP log file. This video shows the vulnerability of this kind of habit, as we can inject arbitrary PHP code into a log file simply by changing an information that we send to the web server and will be logged (like user agent). That code will be then executed on the server as soon as the web admin reads log files via browser.

http://securitytube.net/PHP-Shell-Injectio...ning-video.aspx

[Vivek Ramachandran]

Demonstration of Hardware Trojans (Defcon 16)

Talk and demonstration on how hardware trojans can use thermal, optical and radio based techniques to leak our secrets. The demo shows all these 3 kinds of trojans and describes how easy it is to smuggle these into common electronic goods such as mobile phones, music players and laptops.

http://securitytube.net/Demonstration-of-H...-16)-video.aspx

[Vivek Ramachandran]

Nmap: Scanning the Internet

How would you like to scan millions of hosts on the Internet and catalog all the interesting insights? This is exactly what Fyodor, the author of Nmap or Network Mapper did last summer. Thankfully, he then went on to share his finding with the community at Defcon 16 in his talk titled "Nmap: Scanning the Internet". Interestingly, as Fyodor notes in his talk that scanning such a large set of IP addresses did help him in uncovering many bugs in Nmap and also forced him to make enhancements and add new features to make the scanner really fast. This video contains the entire Defcon 16 talk:

http://securitytube.net/Scanning-the-Inter...-16)-video.aspx

[Vivek Ramachandran]

Hijacking the Internet using a BGP MITM Attack

Anton Kapela and Alex Pilosov gave this talk titled "Stealing the Internet - A Routed, Wide-area, Man in the Middle Attack" at Defcon 16. The talk begins with some background about BGP basics and how it is used to route traffic, then moves on to currently known attacks on BGP and then finally describes the attack discovered by the researchers using which it is possible to MITM traffic on the Internet for any target destination.

The entire video of the entire talk is available here:

http://securitytube.net/Hijacking-the-Inte...-16)-video.aspx

[Vivek Ramachandran]

Hacker Documentaries

1. Hacker Attack

Documentary traces through the early hacking scene, highlights include - phreaking, interview with Phiber Optic, early credit card number generators, identity theft using social security numbers, the 2600 club, early penetration testing and interview with a couple of ethical hackers, cloning of cellular phones and demonstration of early reconnaissance and hacking techniques such as using the finger daemon, rlogin, rsh, brute force password cracking etc

http://securitytube.net/Hacker-Attack-Documentary-video.aspx

2. Attack of Cyber Pirates

This documentary explores the piracy of online music and movies. It traces through the birth of the Napster program and how it was shut off because of lawsuits from the music industry.

http://securitytube.net/Attack-of-Cyber-Pi...tary-video.aspx

[Vivek Ramachandran]

Bypassing the Linux kernel ASLR using ret2esp Tutorial

In this video tutorial BlackLight ( http://blacklight.gotdns.org/ ) illustrates how to exploit an application vulnerable to buffer overflow under a modern 2.6 Linux kernel with ASLR, bypassing stack layer randomization by search a jmp *%esp inside the executable file and forcing our program to jump there.

http://securitytube.net/Bypassing-the-Linu...2esp-video.aspx

[shonen]

Damn Viv you have been a busy busy man indeed.

I have watched a few tutorials on your site and personally I enjoy the stuff you yourself have released, its straight to the point, informative and the naration isn't hard to understand/annoy the shit out of me.

I thourghly enjoyed the caffe latte attack, very resourceful use of existing apps for a differnt kind of attack vector. My only gripe with the tutorial was the lack of explanation of setting up the honey pot. I have always been interested in honey pots but have no idea how to set one up. In any case I got what was going on and I would love to do this in my home lab.

[Vivek Ramachandran]

Damn Viv you have been a busy busy man indeed.

I have watched a few tutorials on your site and personally I enjoy the stuff you yourself have released, its straight to the point, informative and the naration isn't hard to understand/annoy the shit out of me.

I thourghly enjoyed the caffe latte attack, very resourceful use of existing apps for a differnt kind of attack vector. My only gripe with the tutorial was the lack of explanation of setting up the honey pot. I have always been interested in honey pots but have no idea how to set one up. In any case I got what was going on and I would love to do this in my home lab.

Thanks for the encouragement Shonen! I am glad you enjoyed the videos and that the accent did not get in your way :)

Regarding the Caffe Latte Attack, i agree, the video does not provide too much info into the actual setting up on the honeypot. I will definitely make a video on setting up a honeypot using a wifi card in the next couple of days! Will update this post when i do that. Thanks for pointing this out.

[Vivek Ramachandran]

Hacking Barcodes

Video explains the basics of barcodes and runs us through how one can crack various flawed implementations in Parking tickets, Recycling machines, Access control systems, DVD rentals, Newspaper Ads, Postal codes, Airline boarding tickets, Baggage tracking, etc.

http://securitytube.net/Hacking-Barcodes-video.aspx

A quick demo of how to use off the shelf software to read / write barcodes is available here:

http://securitytube.net/Reading-and-Writin...odes-video.aspx

[shonen]

Thanks Viv I shall eagerly await that tutorial on setting up the honey pot.

That barcode one sounds interesting too, especially cuz I use to work in a video/dvd rental store.

[LauBen]

Viv man, I would just like to say a BIG thank you!

I have been enjoying your post for some time and I really think that mad props need to be directed your way!!

So well done man, and keep up the good work!

[Vivek Ramachandran]

Shonen, LauBen - Thanks for the encouragement!

I was almost wondering why nobody was replying :P Maybe they did not like the videos :o

Good to know at least a couple of folks liked it.

[Vivek Ramachandran]

Hello All,

Assembly language is a must know before one can get into the world of code exploitation techniques, reverse engineering, virus writing etc. Unfortunately, as Assembly is also a bit tough to grasp for newbies as it is very low level. Thus, I decided to create a video tutorial series on "how to get started with Assembly for hackers".

The series is far from complete yet. I will be posting follow up videos in this post as I make more. Here is the first couple I made today:

1. System Organization concepts:

http://securitytube.net/Assembly-Primer-fo...tion-video.aspx

In this first part, I explain the basics of computer organization, CPU registers - general purpose, segment and instruction pointer. Also covered is virtual memory organization, program memory organization, program stack and stack operations.

2. Virtual Memory Organization:

http://securitytube.net/Assembly-Primer-fo...tion-video.aspx

In this video we take an in-depth look at virtual memory organization concepts. We look at how one can use the /proc/PID/maps to peek into the layout of a program's virtual memory and interpret useful things. Also, we show how the Address Space Layout Randomization (ASLR) works in the latest 2.6 kernels and why this is significant from a security point of view. We also show how this can be disabled at runtime if the need be. This video is very important from an code exploitation perspective as it teaches us how to check for the presence of ASLR on a given system.

3. GDB Usage Primer:

http://securitytube.net/Assembly-Primer-fo...imer-video.aspx

In this video we go through a quick primer on how to use GDB to disassemble code, set breakpoints, trace through code, examine CPU registers and memory locations, examine the program stack and many other important use cases which will help us in later videos when we actually start coding in Assembly and want to debug our code.

Comments and Feedback welcome!

More videos to be added over the weekend.

[0x3]

Hey vivek ! are you the same guy in Nixcraft ?

[Vivek Ramachandran]

Hey vivek ! are you the same guy in Nixcraft ?

No, he is a different guy :)

[Vivek Ramachandran]

Hello All,

Just finished creating the next set of videos in the "Assembly Language Primer for Hackers" video series:

4. Writing your First Hello World Program in Assembly

http://securitytube.net/Assembly-Primer-fo...orld-video.aspx

5. Understanding Data types in Assembly Language

http://securitytube.net/Assembly-Primer-fo...ypes-video.aspx

6. Moving Data between registers and memory

http://securitytube.net/Assembly-Primer-fo...Data-video.aspx

Comments and Feedback welcome!

I will be creating the next set of videos over the weekend.

-Vivek

[Zimmer]

Thanks for the Assembly Tuts

[Vivek Ramachandran]

Thanks Zimmer!

The next 2 videos in the series are as follows:

7. Working with Strings:

In this video we will look at how to work with strings in assembly using the MOVS, STOS, REP etc. instruction sets.

http://securitytube.net/Assembly-Primer-fo...ings-video.aspx

8. Unconditional branching:

In this video we will look at how to perform unconditional branching in assembly using the JMP and CALL instruction sets.

http://securitytube.net/Assembly-Primer-fo...hing-video.aspx

Comments and Feedback welcome !

I will try to complete the entire Assembly language videos in the next 2 weeks :)

[SomethingToChatWith]

Vivek, you just very well may be the reason I'm finally getting around to learning assembly. Great work :)

[Vivek Ramachandran]

Vivek, you just very well may be the reason I'm finally getting around to learning assembly. Great work :)

Thanks! I am happy you feel so :)

Here are the next videos in the series:

9. Conditional Branching using the Jump family of instructions

http://securitytube.net/Assembly-Primer-fo...hing-video.aspx

10. Writing Functions in Assembly

http://securitytube.net/Assembly-Primer-fo...ions-video.aspx

11. Passing arguments to functions using the Stack

http://securitytube.net/Assembly-Primer-fo...tack-video.aspx

Enjoy!

[Vivek Ramachandran]

Hello All,

Hope you liked the Assembly Language Primer series I made before this. I will be adding a couple of more videos to it soon. In the meantime wanted to get started with some real fun -

Buffer Overflow Primer Videos

In this video series we will take an in-depth look into Buffer Overflow attacks - how they work and how to exploit them. I made the first video in the series today - a 30 minute session.

Buffer Overflow Primer Part 1 (Smashing the Stack)

In this video we will look at how the program stack can be corrupted by a buffer overflow, how the EIP can be made to point at an arbitrary location in code as a consequence and how one can exploit such a condition.

http://www.securitytube.net/Buffer-Overflo...ack)-video.aspx

Lots more videos to come in this series.

Comments and Feedback welcome!

[Vivek Ramachandran]

Hello All,

Here are the next 2 videos in the Buffer Overflow Primer Series:

2. Writing Shellcode - we will take a very simple case of converting the exit() syscall into shellcode

http://securitytube.net/Buffer-Overflow-Pr...ode)-video.aspx

3. Executing Shellcode - we will look at how to write a simple C program to test the shellcode we wrote in the previous video

http://securitytube.net/Buffer-Overflow-Pr...ode)-video.aspx

Many more to come in this series!