Results 1 to 10 of 10

Thread: Garage Meet December2010 Share/Save - My123World.Com!

  1. #1
    InfoSec Consultant the_empty's Avatar
    Join Date
    Jul 2010
    Location
    the blue no-where
    Posts
    155
    Blog Entries
    2

    Garage Meet December2010

    Everybody was shouting on me cause they have been waiting for me to come-up with this writeup for more than a month. Believe it or not I am sitting at client-site and writing these things up. Anyways I request you all to accept my apologies for the delay. As B0nd says, love your job don't love your company. He is gonna scold me again for being so much busy and not giving time for any other responsibilities. We shall keep this aside and move on ---

    It was then nearly two months since last (rocking) garage meet. It was really exciting cause everyone who called the meet was having some very nice points to discuss. This garage meet was not limited to discussion and execution of ideas. There were two more causes, important and interesting than ever. First was the fact that FB1 got selected as speaker for n|Ucon and also discovered a good vulnerability in a Google product. And the second cause was even more interesting, we wanted to celebrate Anarki bros marriage. Yes he has got married and we all will miss him a lot :P

    This time Swatantra and Virgin_Casanova aka (Siddhesh) were also there for the meet. Apart from those Godwin Austin, Darkest, Darkdawn, 41warrior, silent_poison, fb1h2s, primary_key were there.

    This garage meet was interesting and awesome in every aspect. The mumbaikar garage members were supposed to leave to Pune on 24th at around 8 in evening. But the poor arrangement of the travel agency made us wait for more than two hours and this resulted nothings else than inspiring fb1 to hack the site of theirs while traveling. Thats how we started this garage meet.

    When we reached Austins place in night at around 0300 hours, we all entered the house "Hi ed" him and changed our robes and got into boxers, Austin was the only person left dressed properly. The look on his face was very funny.

    The garage meet started from that point only, we started eating some random things from Austin's fridge and discussed about many random things from how fb1 got selected for null and what his topic was, what different plans Austin is having in his minds for various project ranging from data mining to a good tool for audio-book downloading. We also discussed with Darkest about his awesome progress in exploitation stream, silent_poison working upon rooting and post exploitation and so on. Never knew how time went and the sun rose up high in the sky

    41warrior came to us to wake us from our day dreams. And we realized that as usual we will be starting this garage meet at least one hour late from the scheduled time. This time we chose a college campus to gather and conduct the garage meet. The area and surroundings were quite cool and peaceful.

    The meet started with the discussion about RFID stuff. This time fb1 was in full mood to try out some stuff live. We know that the frequencies of the RFID chip can be isolated using aluminum foil. Also that a magnet can be used to repulse the chip holder out from the lock. So as they say in Hindi "Na rahega baas, naa bajegi Basuri". As punter bro has told us previously, some colors of Asian paint can also be used to isolate the chip frequencies. We already knew the shadow regions for a mall nearby and we all were so much excited to DO SOMETHING.

    But then our great ethical(??) member Austin baba came up with an useful suggestion+idea. He rose a question first that as most of us are earning quite good money, do we really need to steal (small things :P). Second, if we really want to get hands on RFID technology, why to limit our scope of working to just removing the RFID chips. We can study about any and everything involved with this technology, and once we are having firm base of knowledge about every aspect, we can arrange for the TRIALS. Again rather than trying these things on random malls, some of us agreed to user their contacts and arrange some testing session type of thing with the malls. So after discussion of like an hour or so we all decided to drop the tryouts plan and rather go for studying over the topic - so from now after there will be a thread dedicated to our research upon RFID thing in garage. The important areas that we need to work upon shall be -

    1. How exactly does the RFID technology works
    2. What hardwares are included in the entire setup
    3. Find out the big players who develop and maintain such devices
    4. Find out all other usage sectors of RFID technology like access cards, id cards, this mall tags thing etc.
    5. Study some real life cases related to the RFID frauds
    6. Research about data management process involved with RFID technology in malls
    7. Try and Find out about the applications and database being used for selective targets

    Every garage member then decided to work on this stream with a bit serious attitude from now onwards. We concluded this topic with the above mentioned point and then Austin stood up to present his ideas.

    Nowadays Austin's mind is heating up with programming thing only. The thing which i believe he used to run away from :P

    So Austin was planning to code a very cool and useful tool. The tool is supposed to help raise our chances of WINNING a CTF hacking contests. The idea is like this - The tool shall perform a mass De-auth against all the wireless devices connected to the targeted WIFI AP. With the help of this tool one will be able to work upon the given target while the other contestants will get constantly disconnected and thus their chances to CATCH THE FLAG first will be less than that of the code-user. I hope I have explained this well. We had a pretty good discussion about this tools and ideas were flowing from everyones brain. I request Austin or FB1 to elaborate it here because I don't remember much of the stuff of that right now (Sorry).

    Again one more cool idea that Austin wants to work upon is a good tool for DATA MINING. The tool shall perform a good Google search upon given string and give us sorted analyzed results. Like if you search for "RFID bypass" in the tool it shall give you the details for not only the searched string but it shall also show you categorized results sorted on the basis of region, language and stuff. We already have some tools for this but Austin wants a more specific and intelligent tools than those. Again I request him to elaborate the idea further and also tell us his progress upon the topic.

    This was when everyone's tummies started making noises - it was almost 1600 hours in clock. We HAD to eat in order to stay alive and achieve our goals. So we all decided to go to and have our LUNCH in some restaurant. I was supposed to talk about some relatively not-so-interesting stuff on which I am working on while (as neo says) LUNCHING. But once they saw the food everyone forgot about me.

    I was supposed to catch the BUS for my hometown in less than 30 minutes after that so we literally dived onto our food. This time the TREAT was from virgin_casanova. We all thanked and wished good luck to each others. Also prayed to god for ANARKI bro to have a good safe life with his brand new wife.

    It was a real refreshing, exciting and awesome weekend for all of us. Everyone was having some good new plans in their brains. Everyone got inspired by the some or other quality they have seen in each member. Like willpower of darkest, patience and madness of FB1, confidence and brains of Austin, Awesomeness of the trio Anarki-Bond-Punter and the Hackers Spirit of OUR GARAGE. I wish that everyone from Hackers Garage will achieve their goals with a Hacker's style and sure GARAGE will be there for all those are here and those who will be.....


    the_empty_parenthesis( )
    ACCESS is GOD

  2. #2
    Garage Member D4rk357's Avatar
    Join Date
    Jul 2010
    Location
    localhost@mumbai
    Posts
    153
    Blog Entries
    1
    Quote Originally Posted by the_empty View Post

    Nowadays Austin's mind is heating up with programming thing only. The thing which i believe he used to run away from :P

    So Austin was planning to code a very cool and useful tool. The tool is supposed to help raise our chances of WINNING a CTF hacking contests. The idea is like this - The tool shall perform a mass De-auth against all the wireless devices connected to the targeted WIFI AP. With the help of this tool one will be able to work upon the given target while the other contestants will get constantly disconnected and thus their chances to CATCH THE FLAG first will be less than that of the code-user. I hope I have explained this well. We had a pretty good discussion about this tools and ideas were flowing from everyones brain. I request Austin or FB1 to elaborate it here because I don't remember much of the stuff of that right now (Sorry).

    Again one more cool idea that Austin wants to work upon is a good tool for DATA MINING. The tool shall perform a good Google search upon given string and give us sorted analyzed results. Like if you search for "RFID bypass" in the tool it shall give you the details for not only the searched string but it shall also show you categorized results sorted on the basis of region, language and stuff. We already have some tools for this but Austin wants a more specific and intelligent tools than those. Again I request him to elaborate the idea further and also tell us his progress upon the topic.
    the_empty_parenthesis( )
    Yes it was a awesome idea which i loved a lot and my only concern was Social engineering fucking up the search result as it does normally but i guess like Austin bro said modifying the search expression specifically we might be able to do away with the undesirables
    and like always i simply loved the writeup . empty has a alternative bright career as a writer for Page 3
    Spirit was turned 2 ashes ,soul endured so much pain..
    now the darker time evanescence ,the fallen shall rise again.

  3. #3
    Awesome write up .....!!! was eagerly waiting for it
    The three great essentials to achieve anything worth while are: Hard work, Stick-to-itiveness, and Common sense. - Thomas A. Edison
    __________________________________________________ _____________________

  4. #4
    ... I am no Expert b0nd.g4h@gmail.com b0nd's Avatar
    Join Date
    Jul 2010
    Location
    irc.freenode.net #g4h
    Posts
    744
    Quite interesting and nice write-up the_empty.
    You guys have taken the right approach for RFID and we all are glad to see that members are increasing with each meet

    Good going guys!

    Thanks
    [*] To follow the path: look to the master, follow the master, walk with the master, see through the master,
    ------> become the master!!! <------
    [*] Everyone has a will to WIN but very few have the will to prepare to WIN
    [*] Invest yourself in everything you do, there's fun in being serious

  5. #5
    I cud see a slideshow of the whole day through your write up!
    I will find a way or make one...

  6. #6
    Security Researcher fb1h2s's Avatar
    Join Date
    Jul 2010
    Location
    India
    Posts
    616
    Blog Entries
    32
    And the_empty finally you are done with the write up, well you are the JK rowling of garage , thnaks for the writeup.
    Hey does any one happen to have a Pic of last meet ?? empty formated his drive unknowingly so missed it ??
    And there we 10 + Members for the meet.
    Hacking Is a Matter of Time Knowledge and Patience

  7. #7
    Super Commando Dhruv abhaythehero's Avatar
    Join Date
    Sep 2010
    Location
    Lucknow/Pune,India
    Posts
    466
    Blog Entries
    2
    Nice writeup the_empty !

    And nice going guys on RFID technology... Boy ! u guys were into some rocking adventures !!
    In the world of 0s and 1s, are you a zero or The One !

  8. #8
    Garage Addict 41.w4r10r's Avatar
    Join Date
    Jul 2010
    Location
    Pune
    Posts
    338
    Blog Entries
    3
    just wanted to put some more research on RFID....

    Last week i was on project at datacenter where they gave me access card which was no doubt RFID integreted...

    So now i saw RFID writer, Its actual functioning (My Social Engineering worked) .etc
    i would like to put those points in the thread dedicated to RFID research...

    Bond i request you to create one section named "Garage Research" and then we will put researches in that section like "RFID"

  9. #9
    @ 41.w4r10r bro: Bro u have given a solid !dea...! We should have a section name "Garage Research" so that members can share their research and creativity. I also request admins to please put up this section
    The three great essentials to achieve anything worth while are: Hard work, Stick-to-itiveness, and Common sense. - Thomas A. Edison
    __________________________________________________ _____________________

  10. #10
    Security Researcher fb1h2s's Avatar
    Join Date
    Jul 2010
    Location
    India
    Posts
    616
    Blog Entries
    32
    @w4rrior write something abt it bro ,lets read
    Hacking Is a Matter of Time Knowledge and Patience

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •