Tag: hackers.mu

IT and Internet Users of Dodoland by hackers.mu

Since the split of the Linux community in Mauritius, hackers.mu was born. A new vision and objectives were the foundation of the hackers.mu core group. Our aim is to reach more people who will code in softwares that are used worldwide. The hackers.mu family kept growing. Today, we have brought more members in the hackers.mu community and right now, there is a boom in this group. Additionally, people from various part of the world wants to be part of the group, as seen on our Facebook group. Hackers.mu has been hosting live video streams on YouTube to bring together more people willing to learn and share in the community.

Just chill. Let me get back to the title of this blog – IT and Internet Users of Dodoland! On Saturday, the 18th of November 2017, I was at the University of Mauritius together with Logan. We were joined by Yash Paupiah and Jagveer Loky. A presentation was carried out on “Introduction to Github” and the launch of the Mailing List called the “IT and Internet Users of Dodoland”. During the presentation, Logan brushed over the importance of having a Github account as well as sharing one’s code on it.

Presentation by Logan at the University of Mauritius

An example is to publish one’s assignment by a student. This acts as a catalyst for the academic development of the student. Today, companies will usually search the Github account of people, including Mauritians before recruiting them. Students were encouraged to create their Github accounts and even a blog. Then, we discussed about the achievement in the IETF 100 Hackathon. Logan took an example of Yash Paupiah’s who did some scripting two years back and now sending patch in the open source community. For example, the patches about TLS 1.3 during the IETF 100 Hackathon. At the end of the session, we announced the creation of the Mailing List “IT and Internet Users of Dodoland”. Jagveer Loky from the hackers.mu community was chosen to be the moderator of the mailing list. He will ensure the proper and smooth running of the mailing list.

At the University of Mauritius

At the end of the presentation, we had conversations with the students who were interested in topics such as OpenSSH, MVC, Java Programming, and MongoDB. Notes were taken to focus on these topics in the days to come. Then, we headed to Flying Dodo Bagatelle to celebrate the launch of the new mailing list by the hackers.mu team.

Celebrating with beer and pizza at Flying Dodo Bagatelle

We also had a video stream, where we were joined by other people from the hackers.mu community who came forward asking questions about the IETF 100 Hackathon and on several aspects of TLS1.3. Jagveer shoot a question as to whether people knew about the IETF in Mauritius. Of course, many knows about the IETF, but at what level is the contribution? As a technical guy, merely watching what’s going on at an IETF Hackathon does not make sense but instead contributions should be carried out in terms of codes to make the OpenSource community more rigid. 

Video Stream from Yesternight

At hackers.mu, we kept on innovating to transmit the messages through the internet as well as on the ground. Weeks back, we were also at the University of Mauritius where we met Yashtir Gopee who is a passionate of robotics and Artificial Intelligence. He also joined the hackers.mu community and is willing to join the “IT and Internet Users of Dodoland” Mailing List.

Yashtir and Logan

Indeed, we have come a long way since the creation of hackers.mu. In such short time, we have been able to meet our objectives and we are continuing towards innovations and quality work in the group. I am looking forward that people make good use of the Mailing List and bring forward their issues as well as their contributions. Click to join the Mailing list.

IETF 100 hackathon on TLS 1.3 by hackers.mu

Some days back, The Register mentioned about hackers.mu preparing for IETF100 hackathon. Hooray! Yeah we did it and the hard work finally paid off thanks to the core team and the whole of hackers.mu team. After registering on the IETF – Internet Engineering Task Force website, the hackers.mu team set itself on the TLS1.3 API source code. We were all focused on the OpenSSL codes.

Once in our office, we set up the network and our equipment. Check out logan’s blog to have an idea how things went on. That’s true we struggled in the beginning, but finally we could see the light at the end of the tunnel. Patience and patience is all what you need and a calm mind to study how things are in the code. The testing was then carried out to confirm the beauty of the TLS 1.3 codes in our chosen projects. You can also view the TLS tutorial which explains the objectives of TLS1.3. For example: Mitigation of pervasive monitoring.

Here are some hints about the security from TLS1.3

  • RSA key was removed.
  • Stream ciphers was reviewed.
  • Removal of compressed data mechanism which was able to influence which data can be sent.
  • Renegotiation was removed.
  • SHA1 and Block ciphers were removed.
  • Use of modern cryptography like A-EAD.
  • Use of modern key such as PSK.

For more details see this blog from OpenSSL. We were also working together with the TLS team in Singapore which was lead by Nick Sullivan, champion at the IETF TLS hackathon.

After the IETF Hackathon, it was announced publicly about the good job done by the hackers.mu team on the IETF channel.

The team at the beach 🙂

More links :

PS: Any more links related to IETF Hackathon TLS 1.3 let me know, I will add it here!

Feel free to join the hackers.mu community group on Facebook and follow us on our hackers.mu Twitter account.

Hackers.mu VideoStream #2 : Modem Insecurity in Mauritius

Some days back, the hackers.mu team made our first video stream on Youtube about Modem Insecurity in Mauritius. We received several feedbacks from the public, friends and local medias about the issue raised. Upon further research I noticed that there are several countries including Vietnam, China amongst others are in the same problematic situation as they are using the same Huawei modem. More and more vulnerabilities are now being faced by the end users. Users aware of the issue can mitigate it from their side whilst others are still in the dark.

On Friday, the 20th of October 2017, another video stream was carried out by the hackers.mu team alongside other friends and professionals. We started with a short introduction from everybody in the videostream.

We had Billal, Codarren, Edriss, Irshaad, Logan, Kifah, Selven, Rahul, Yash and myself (Nitin) participating in the video stream. You can view the VideoStream here:

Our agenda was as follows:

  • An introduction from participants
  • Huawei’s acceptance of upgrading Dnsmasq
  • Other discoveries in the Huawei modem
  • Implication of Krack attack
  • Understanding of the mitigation techniques on Krack attack
  • Everyone’s perspective about the vulnerabilities on the Huawei modem

Other sources talking about hackers.mu‘s insecurity detection on the Huawei modem

Hackers.mu VideoStream #1 : Modem Insecurity in Mauritius

On Tuesday the 17th of October 2017, the hackers.mu team had a public podcast on Modem Insecurity in Mauritius. Fifteen minutes after the start of the broadcast, there were already about 30 views from the public. We had over Keshav Purdassea, a student in cybersecurity as guest to ask questions. We also had people asking questions on the Facebook hackers.mu public group.

Logan from hackers.mu made a smart introduction during the podcast about its goal which is informing the public about the vulnerabilities found in Huawei Modem. You can view the video which has been uploaded on youtube here :

Codarren from hackers.mu laid emphasis on several interesting points such as the state of Dnsmasq. He also gave some interesting hints to launch commands on the router which is not similar like a usual Linux Box. He explained how all processes are running as root including Dnsmasq. Codarren recently had a conversation with engineers from Huawei and it’s quite obvious that Dnsmasq is also doing DNS. It was recommended to run Dnsmasq as a non-root user which is one of the best practice in any Linux Box. Someone can craft a DNS packet and run this on the modem with the intention to control it remotely. This security risk needs to be reviewed again.

 

In addition, I made a brief introduction on the preliminary precaution that can be taken to minimise impact such as deactivating Telnet or even SSH on the router. We also noticed how it’s possible to download the configuration file and decrypt it. All passwords can be seen clearly on the configuration files. The binary aescrypt2_huawei can be downloaded from the hackers.mu Facebook group. Here are the steps to be followed to decrypt it :

1.Use the following command to decrypt it :

[[email protected] ~]# ./aescrypt2_huawei 1 hw_ctree.xml decode.xml

2. To re-encode use the following command:

[[email protected] ~]# ./aescrypt2_huawei 0 decode.xml hw_ctree.xml

3. At line 1022, You can find the web interface password

1022 <X_HW_WebUserInfoInstance InstanceID="2" UserName="telecomadmin" Password="402931e04c03e24d360477a9f90b9eb15777e154360f06228be15c37679016ef" UserLevel="0" Enable="1" ModifyPass wordFlag="0" PassMode="2"/>

We also had Yash Paupiah, President of the UOM Computer Club who made a sensitive point regarding as to whether the patch was supposed to come from Mauritius Telecom or Huawei. After some research, we noticed that there was no patch from Huawei itself.

The whole team of hackers.mu and myself invite you to join our Facebook group and Twitter to keep in touch for our oncoming Live podcasts, Hackathons, Public events etc..

Other bloggers on the Podcast:

Cybersecurity Event Mauritius: Firewalls: back, now, then

Have you missed one of the most important cybersecurity event which recently took place in Mauritius ? I wrote a blog post to announce the event. Well, in case you miss it, you might be interested in this article to catch up with the event. It was publicly announced on the hackers.mu Facebook group as well on hackers.mu Twitter account. It was held on the 10th of September 2017 at Voila hotel conference room at Bagatelle, Mauritius. Several students from University of Mauritius, professionals and members of MOSS – Mauritius Open Source Society were also present on that day.

Philipp Buehler During his presentation.
Philipp Buehler During his presentation.

The hackers.mu team which is the first group of Linux and BSD developers in Mauritius invited Philipp Buehler, an international cybersecurity expert. He spoke about his experience in cybersecurity and gave recommendations for people interested by the the field or just want to learn new skills in that area. He also emphasised heavily on Network and Security infrastructure, Firewalls, IPS, IDS and several other components. You can view the slide here :

Mru2017 Talk by P.B of OpenBSD for Hackers.mu event by Anonymous olxMjXje4 on Scribd

It was an open talk. Several topics such as Fragmentations and Protocol issues were tossed from the audience. One of the interesting topic was on IPS – Intrusion Prevent System. Philipp explain how most of the time if wrongly configured the system does not prevent any attack but instead legitimate packets. Typically, since it is an automated system and usually we have Crons which run at night and based upon some patterns by the IPS, same is interpreted as an attack and finally several IPs are banned and finally we land in a debug session. He pointed out about putting it back to an IDS – Intrusion Detection System. Support of IPV6 to several IDS were proposed as one example for University projects. It was amazing how Philipp re-drew the OSI diagram in a practical way and mentioned the “8th layer”. Another interesting diagram explaining how the Kernel interacts with the CPU, Memory and Disk to illustrate the Userland, the Kernel and the hardwares.

In case you are looking forward for more security events in Mauritius, please keep in touch on our Twitter Page and Facebook group. The hackers.mu also credits the PHP User Group of Mauritius for its kind sponsorship of the event and credits to Akasha Lilith for the nice pictures taken during the event  🙂