Category: MeetUps and Presentations

Hackers.mu VideoStream #1 : Modem Insecurity in Mauritius

On Tuesday the 17th of October 2017, the hackers.mu team had a public podcast on Modem Insecurity in Mauritius. Fifteen minutes after the start of the broadcast, there were already about 30 views from the public. We had over Keshav Purdassea, a student in cybersecurity as guest to ask questions. We also had people asking questions on the Facebook hackers.mu public group.

Logan from hackers.mu made a smart introduction during the podcast about its goal which is informing the public about the vulnerabilities found in Huawei Modem. You can view the video which has been uploaded on youtube here :

Codarren from hackers.mu laid emphasis on several interesting points such as the state of Dnsmasq. He also gave some interesting hints to launch commands on the router which is not similar like a usual Linux Box. He explained how all processes are running as root including Dnsmasq. Codarren recently had a conversation with engineers from Huawei and it’s quite obvious that Dnsmasq is also doing DNS. It was recommended to run Dnsmasq as a non-root user which is one of the best practice in any Linux Box. Someone can craft a DNS packet and run this on the modem with the intention to control it remotely. This security risk needs to be reviewed again.

 

In addition, I made a brief introduction on the preliminary precaution that can be taken to minimise impact such as deactivating Telnet or even SSH on the router. We also noticed how it’s possible to download the configuration file and decrypt it. All passwords can be seen clearly on the configuration files. The binary aescrypt2_huawei can be downloaded from the hackers.mu Facebook group. Here are the steps to be followed to decrypt it :

1.Use the following command to decrypt it :

[[email protected] ~]# ./aescrypt2_huawei 1 hw_ctree.xml decode.xml

2. To re-encode use the following command:

[[email protected] ~]# ./aescrypt2_huawei 0 decode.xml hw_ctree.xml

3. At line 1022, You can find the web interface password

1022 <X_HW_WebUserInfoInstance InstanceID="2" UserName="telecomadmin" Password="402931e04c03e24d360477a9f90b9eb15777e154360f06228be15c37679016ef" UserLevel="0" Enable="1" ModifyPass wordFlag="0" PassMode="2"/>

We also had Yash Paupiah, President of the UOM Computer Club who made a sensitive point regarding as to whether the patch was supposed to come from Mauritius Telecom or Huawei. After some research, we noticed that there was no patch from Huawei itself.

The whole team of hackers.mu and myself invite you to join our Facebook group and Twitter to keep in touch for our oncoming Live podcasts, Hackathons, Public events etc..

Other bloggers on the Podcast:


Cybersecurity Event Mauritius: Firewalls: back, now, then

Have you missed one of the most important cybersecurity event which recently took place in Mauritius ? I wrote a blog post to announce the event. Well, in case you miss it, you might be interested in this article to catch up with the event. It was publicly announced on the hackers.mu Facebook group as well on hackers.mu Twitter account. It was held on the 10th of September 2017 at Voila hotel conference room at Bagatelle, Mauritius. Several students from University of Mauritius, professionals and members of MOSS – Mauritius Open Source Society were also present on that day.

Philipp Buehler During his presentation.
Philipp Buehler During his presentation.

The hackers.mu team which is the first group of Linux and BSD developers in Mauritius invited Philipp Buehler, an international cybersecurity expert. He spoke about his experience in cybersecurity and gave recommendations for people interested by the the field or just want to learn new skills in that area. He also emphasised heavily on Network and Security infrastructure, Firewalls, IPS, IDS and several other components. You can view the slide here :

Mru2017 Talk by P.B of OpenBSD for Hackers.mu event by Anonymous olxMjXje4 on Scribd

It was an open talk. Several topics such as Fragmentations and Protocol issues were tossed from the audience. One of the interesting topic was on IPS – Intrusion Prevent System. Philipp explain how most of the time if wrongly configured the system does not prevent any attack but instead legitimate packets. Typically, since it is an automated system and usually we have Crons which run at night and based upon some patterns by the IPS, same is interpreted as an attack and finally several IPs are banned and finally we land in a debug session. He pointed out about putting it back to an IDS – Intrusion Detection System. Support of IPV6 to several IDS were proposed as one example for University projects. It was amazing how Philipp re-drew the OSI diagram in a practical way and mentioned the “8th layer”. Another interesting diagram explaining how the Kernel interacts with the CPU, Memory and Disk to illustrate the Userland, the Kernel and the hardwares.

In case you are looking forward for more security events in Mauritius, please keep in touch on our Twitter Page and Facebook group. The hackers.mu also credits the PHP User Group of Mauritius for its kind sponsorship of the event and credits to Akasha Lilith for the nice pictures taken during the event  🙂

 


Cybersecurity Event in Mauritius

International cybersecurity expert Philipp Buehler is coming to Mauritius. He will be speaking about his experience in security and what recommendations he has for people who wants to get into the field or just wants to learn new skills in that area.

It is a cybersecurity event, with an international speaker that hackers.mu is organising on the 10th of September 2017 at 15:00 hrs at Bagatelle Conference room. Several topics will be discussed! If you have any questions to ask, this will be the right time for you guys to do it. E.g, what skills do I need to learn or ideas which can potentially lead to my final year project ? 

Feel free to join the Facebook event page  or scan the event QR code in case you are attending the event.

Photo Credits: pfSense
Photo Credits: pfSense

Getting acquainted with PfSense

One of the topic that will be discussed will be on pfSense. For educational and testing purpose, pfSense can be installed on a Virtual Box.

Bio: Philipp Buehler, Co-founder and consultant at Sysfive has designed and implemented firewall technology which is used by many products such as Apple Macbook Pro, smart phones and firewalls which protect many large enterprises around the world.


Hackers.mu attracted a massive crowd at the DevConMru 2017

This is yet another dazzling inspiration that hackers.mu brought into the mind of the audience today on the 1st of April 2017 at the DevConMru – Day 2. After the mesmerising speech at the DevConMru by Logan, this time Codarren Velvindron, core member of hackers.mu hit the conference room with so many attendees. Fast Coding Skills – A well chosen topic especially for the curious ones, beginners or professionals who want to remove the barrier between the code and them. Codarren started the presentation by giving some examples about the applications he ventured into, for example MariaDB.

The room was full with over fifty attendees. While some were sitting on the floor, others leaned up against the wall focussed on Codarren. I heard someone from the crowd murmuring “I want to be a hacker”.. 🙂

C8V2P3IXoAARtuF
C8V2P3HXUAAmYBf
C8VgQ35WAAAOPv9

Several analogies were brought to the attention of the audience such as the difficulties which one has to encounter whilst coding. Tips and tricks to get relief from these difficulties were offered; such as playing, breaking the huge task into parts and analysing the mini parts of each. Another way to understand how the code works is by “deleting” part it after a backup to know how it would behave in a different environment. Codarren also shared his experience about the IETF hackathon in which he participated.

Here is the Slide of Codarren at the DevConMru 2017

Fast Coding Skills by Codarren Velvindron on Scribd

At the end, we thanked Codarren for the job done. Members of hackers.mu kept on responding to people from the audience who were showing interest in coding. Some questions from the audience were about the challenges faced in the IETF hackathon as well as Codarren’s favourite programming language. “Talk is cheap, show me the code” – Linus Torvalds.


Hackers.mu mesmerising speech at the DevConMru 2017

The message was clear and direct at the DevConMru 2017. Painted with a humorist approach, Loganaden Velvindron #2 of hackers.mu bridged the gap between students who were mainly in the audience to reach their goal in the IT industry and Linux in Mauritius.

The DevConMru is a yearly event to bring together developers, beginners, students and professionals. The goal is to bring more craftsmen under the same roof. “Mauritius has been branded “Cyber Island” in the Indian Ocean… Opinions in those matters vary but with this conference we strive to improve the general attribution of our island. Mauritius has great political stability and economical advantages for foreign investors, and the most precious resource Mauritius has to offer is people’s knowledge. The ICT sector in Mauritius is growing since years and maturing as the fourth pillar of our economy. With its geographical position Mauritius is also welcome as a business and knowledge hub between Africa and Asia.”MSCC.

In today’s Mauritius IT industry, everyone wants to have a better standard of living. But how? How to build a successful IT industry? Are we moving in the right direction? Are foreign investors attracted by the quality of the Mauritius IT industry ? Logan did not miss those points to bring the audience on the track.

Photo Credits: Hackers.mu
Photo Credits: Hackers.mu

After giving a brief intro of the hackers.mu team, Logan explained the requirements and life cycles of IT companies and their profits as to whether they are in the same line of fresh IT graduates and professionals. A vivid example is by analyzing the statistics of Github accounts in Mauritius, the quality and quantity of code contribution compared with Singapore. Students were encouraged to publish their coding exercise on GitHubs, create a blog and take part in Google Code-in.

Indeed, hackers.mu work towards such goals, for example, participation and mentoring for the Google Code-in. Several hackathons were organised. Contributions in the real world applications such as Pfsense, OpenSSH, OpenSSL, OpenBSD, LibArchive, Firejails, Linux and others.. This list is long. An award was also received during the IETF 98 Hackathon.

Logan at the DevConMru 2017
Logan at the DevConMru 2017

The slide can be viewed here or on the Scriba website.

I was impressed how Avinash Meetoo, honorary member of the hackers.mu hacked the audience and shed some light to boost the students. Avinash mentioned himself about his passion for blogging and the importance of projecting his personality with the right vision.

At hackers.mu, we invite many to join us, but one have to work hard to attain a certain level of professionalism.  After the presentation, many came to congratulate us for the job done. We were around chatting with many sharing our work and job experience as well as the passion for coding. I once read a phrase in an old book as follows “You are what you eat”.  But things have change now because You are what You CODE!!