Obum Chidi's Blog

There is no way phishing attacks will ever stop. The one and only way to overcome this form of attack is not to get caught – do not be a victim.

Despite the prevalence of this form of attack, not everybody becomes a victim. One of the ways I would subscribe to avoiding being a victim of this form of attack is the application of “Common Sense”. Common Sense, some say, may not entirely be common after all. This is coming out of the fact that what one should ordinarily not be a victim to automatically catches up with one.

With the presence of phones and its widespread usage, communication is done through exchanging of SMS. Phishing has now evolved to the usage of messages to carry out these attacks. The aim of this attack is to get gullible users fall victim to it. One tool being employed in carrying out this form of attack is what I call “Subtle Intimidation”.

These messages sent have ways of invoking fear in the minds of the users and would at times harvest victims. This however is not to revoke from our minds that every one of us is a potential victim. Ending up as a victim depends entirely on what you do with the message you receive.

SMiShing is the art of making use of text messages to carry out phishing attacks.

I recently received an SMS, which I immediately knew was an attack. The message I received is :

“Dear Customer, Due to the BVN validation in compliance with CBN bank directives, your ATM card has been De_activated call our help line on (07033680531) now”

The above message was sent from +2349037918543.

Though phishing attack messages can be crafted without leaving room for suspicion, the above SMS is a poorly crafted one.

Certain features that mark the above as an attack include the poor usage of punctuation marks, issues with capitalization, wrong usage of words, and if this message actually came from my bankers, it would have been addressed to my person.

Care therefore must be taken to avoid being victims of these kinds of attacks. Do not be hasty to respond to any message that comes your way.

Should you want to call the above phone numbers to do your BVN (Bank Verification Number) validation, you can go ahead and place the call.

Goodluck 🙂

Having participated in the concluded SECCON 2015 Online CTF and capturing some flags, I decided to do this write-up to one of the challenges posed – Steganography 3.

A file was provided for us to examine, with the view to finding out what was embedded in it.

After downloading the file and viewing it with a picture viewer, we are faced with this:

Viewing this picture does not in any way reveal much, however, it leaves much to our imagination.

One thing in particular that gave me the strongest hint was the down-right part of the picture – where the picture file is opened using Paint.

I decided to open the file with Paint, but the result was no different from how it appeared having used another picture viewer.

Yes, Paint could do some tricky stuff. I took advantage of what I knew could be the solution to what I sought.

Clicking on the “Fill with color” tool, I left clicked on the picture and this showed up:

The flag was revealed: SECCON{the_hidden_message_ever}.

The Global Cyberlympics finals recently held on the 20th of October, 2015, in Washington D.C. The competition is one where Ethical Hackers representing different organizations, all over the world gather to test their mettle on CTF exercises.

This however is not possible without them first having gone through preliminary stages to determine those who would represent the various regions around the world. Just as other groups represented various parts of the world, the African region got represented by 2 teams from Nigeria – Team Naija and HAWX. They participated in the competition and to me, they are indeed champions, having topped the chart to represent Africa.

Hack.ERS (Europe) emerged the winners of the competition, Sector C (Europe) came out first runner ups and CTRL+ALT+DEL (North America) emerged third place. Congratulations.

Several write ups have started being published, so as to aid others. One of such can be found here.

This is a write up on how I solved one of the challenges (I was not at the cyberlympics this year 🙂 ).

According to my friend (he participated), “the question was to find out what’s wrong with the pcap…the answer lies within the pcap…”.

I downloaded the .pcap file and one thing that got me curious was the size. I assumed it was not large enough.

It then occurred to me that no matter the size of the file, “packets don’t lie”.

After opening the .pcap file with Wireshark, I noticed that packets 20 to 77 had a continuous flow of data on the SSL protocol.

Afterwards, I reassembled the packets (SSL) by following the TCP Stream, which resulted in this hex editor:

Sighting the .PNG header, I knew a picture was involved. I saved the file with a .png extension, selecting the ‘raw’ radio button. After saving it, I opened the file and found this:

Hmmmm, warl0ck gam3z…I love these guys.

Network Miner has a way of indicating what a .pcap file contains but when I opened this file using Network Miner, there was no indication that a picture was embedded therein.

On the picture is indeed a clue as to what to work on.

Using my favourite online hash decrypter I tried decrypting the hash:

and I got this:

Wow! It can clearly be seen that the key asked for is the MD5 hash of ‘wg’.

Hashing ‘wg’, I got this:

Voila…Flag captured…challenge solved.

Ciao.

Have you ever thought of arousing your IT forensics instincts with some training?

I have come to notice that many people who are interested in IT Security tend to have more leanings towards Hacking. This is in no way to say that they are making wrong choices but several other areas abound in the world of security that you can delve into.

The world of Forensics is one that not so many people are interested in, but this is an aspect of IT Security that spurs up one’s security consciousness. As an IT person, security is of utmost importance to the IT infrastructures installed in the organization one works in.

The need to know what may have happened that resulted in a system crash is the Digital Forensics domain.

EH Academy is a platform where one can get training on Computer Forensics. Simply visit EH Academy and you will be availed of the course and several other courses.

To avail yourself of the Computer Forensics course, simply visit http://academy.ehacking.net/courses/computer-hacking-forensics-investigation/.

This course will teach you several ways to go about that investigation you are finding hard to go through.

Do not miss visiting here.

Investing in one’s self this year is what it takes to become better and knowledgeable.

Having introduced us to cybrary.it, I will like to add that anybody who has not yet patronized cybrary.it is really missing a lot.

Paraphrasing, to learn how to defend yourself, you must learn how to attack.

The above paraphrase is so true. In a world ridden with hackers, one must learn how to protect himself/herself from these marauding hackers.

The need for protection of digital assets therefore becomes imperative. Knowing what to protect from hackers of important.

Professionals are hired by companies to help them protect their assets from hackers. However, these bad guys, otherwise known as black hats, have access to the same tools and skill set white hats have also.

The concept of hacking is not a bad one. What makes it look bad is the motivation a hacker has. White hats are hackers employed by organizations with the view to defending their networks and protecting their assets.

Having gone through the course, Penetration Testing and Ethical Hacking, I have gotten training on the rudiments of penetration testing. The course exposes one to activities that are required for the protection of digital assets. The course can be gotten here.

The videos are explicit enough and the instructor, Leo Dregier, did just to the course.

As once said, invest in yourself this year using cybrary.it.

Hi all. 2015 has begun and this is the second month already.

You had wanted to take that course and probably write that IT certification exam in 2014, but ended up not acquiring the required passmark. That could be very frustrating indeed. The joy of every exam candidate is to write and pass an IT certification exam at first sitting, as this is both cost effective and time saving.

This year is one where you should not be weary but continue to invest in yourself. Thinking of breaking the bank to go obtain lectures and eventually sit for that certification exam should not be a deterrent to your plans for the year.

Obtaining an IT certification comes with so much a cost but in this year, I will be introducing you to a platform through which your desire to obtain that IT certification will be easily and quickly achieved.

Cybrary.it  is a site dedicated to bringing you free lectures on your desired IT subject. You could attend online lectures on cybrary.it and go ahead and write that exam.

Cybrary.it presents very concise and explicit videos, which present you with real world lecture scenario and the videos are self paced. The videos are explanatory to a large extent and present you with practical learning experiences on your desired IT choice.

One big plus for cybrary.it is the revolutionary change they bring to the IT world – the courses are FREE. Another plus is that completion badges and certificates of completion are awarded successful students.

As may be thought, that anything free is of no value, the vision of cybrary.it is that IT should be taught free as we are in an information age.

On cybrary.it, so many learning paths exist. Some of the courses offered include Comptia Security+, MCSA, CISA, CISSP, Advanced Penetration Testing, Python for Security Professionals, Metasploit e.t.c.

One thought which may now be ringing in your head is how can the above courses be taught free?

I make it bold to tell you that the lectures are free. Simply watch the course videos and learn.

Having taken the Computer Hacking Forensics Course, it was a great experience. The course is a prerequisite to obtaining the EC-Council CHFI certification exam. The instructor, Leo Dregier, ensured the course was understood in the lecture videos.

Going through the course videos, the rudiments of Digital Forensics were expatiated. Various tools were discussed as the course modules were gone through. Most importantly is the fact that Forensics must follow some detailed processes to eventually have the evidence admissible in court.

The course can be accessed here.

I therefore implore you all that in this year, 2015, utilize cybrary.it in investing in yourself.

I