Difference between revisions of "Summerschool Aachen 2005/Challenges"

From C4 Wiki
Jump to: navigation, search
Line 1: Line 1:
* Daniel & Yves - glibc 2.3.5 look at how to exploit heap-based overflows (avoiding the checks)
 
* Typo & Ilja - 0wn putty
 
** Update: We found some exploitable bugs. --[[User:Typo|Typo]] 18:10, 20 Sep 2005 (CEST)
 
* Christian feat. Max - verBOTen - a bot that mirrors only that stuff that is protected by robots.txt
 
* Max: Exif_Thumb finish last years project - '''done''' see [http://lufgi4.informatik.rwth-aachen.de/projects/hiddendata/show] [http://lufgi4.informatik.rwth-aachen.de/news/show/demonstration-of-jpeg-exif-thumbnail-information-disclosure-available]
 
 
 
== Open Challenges ==
 
== Open Challenges ==
  
Line 17: Line 11:
 
*Build a minimal DHCP Server on ScaPy
 
*Build a minimal DHCP Server on ScaPy
 
*Build an Fingerprinting Tool for
 
*Build an Fingerprinting Tool for
** dhcp
+
** dhcp
 
** rsync
 
** rsync
 
** ssh
 
** ssh
** ssl
 
 
* Look into timing/fingerprinting SSH
 
* Look into timing/fingerprinting SSH
 
** (avoidance)
 
** (avoidance)
* Write a chaoter for [/TheBook]
+
* Write a chapter for [[/TheBook]]
 +
 
 +
== Challenges in Progress ==
 +
 
 +
* Daniel & Yves - glibc 2.3.5 look at how to exploit heap-based overflows (avoiding the checks)
 +
* Typo & Ilja - 0wn putty
 +
** Update: We found some exploitable bugs. --[[User:Typo|Typo]] 18:10, 20 Sep 2005 (CEST)
 +
* Christian feat. Max - verBOTen - a bot that mirrors only that stuff that is protected by robots.txt
 +
* Max feat. Christian: [[/SSL fingerprinting]]
 +
 
 +
== Finished Challanges ==
 +
 
 +
* Max: Exif_Thumb finish last years project - '''done''' see [http://lufgi4.informatik.rwth-aachen.de/projects/hiddendata/show] [http://lufgi4.informatik.rwth-aachen.de/news/show/demonstration-of-jpeg-exif-thumbnail-information-disclosure-available]

Revision as of 12:13, 22 September 2005

Open Challenges

  • extend p0f to fingerrprint ScaPy (default) packets
  • find a way to fingerprint
  • Build an HTTP-Infrastructure Fingerprinting Tool
  • Scan our strange network, fingerprint the stuff in there, modify existing fingerprinting tools to do so
  • Find out how httprint works
  • Build a minimal DHCP Server on ScaPy
  • Build an Fingerprinting Tool for
    • dhcp
    • rsync
    • ssh
  • Look into timing/fingerprinting SSH
    • (avoidance)
  • Write a chapter for /TheBook

Challenges in Progress

  • Daniel & Yves - glibc 2.3.5 look at how to exploit heap-based overflows (avoiding the checks)
  • Typo & Ilja - 0wn putty
    • Update: We found some exploitable bugs. --Typo 18:10, 20 Sep 2005 (CEST)
  • Christian feat. Max - verBOTen - a bot that mirrors only that stuff that is protected by robots.txt
  • Max feat. Christian: /SSL fingerprinting

Finished Challanges

  • Max: Exif_Thumb finish last years project - done see [1] [2]
Retrieved from "https://wiki.koeln.ccc.de/index.php?title=Summerschool_Aachen_2005/Challenges&oldid=7505"