[OWASP-Philadelphia] Philadelphia OWASP Meeting 1/8

Justin C. Klein Keane jukeane at sas.upenn.edu
Mon Dec 17 14:05:22 UTC 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello all,

  TLDR: Please RSVP to jukeane at sas.upenn.edu if you plan to attend the
January meeting, which will be held on Penn's campus in Fisher Bennet
hall (at the corner of 34th and Walnut) room 224.

  I've tallied the votes for the topic of our 1/8 meeting and there
were no offers from other speakers or suggestions for alternative
topics.  Folks voted for just two topics, with capture the flag (CTF)
getting the most votes, the rest for a discussion of tools.

  I'm working on finishing the capture the flag, which will actually
focus on a number of tools used for testing.  The CTF follows the
format of others I've done in the past
(https://sourceforge.net/projects/lampsecurity/files/CaptureTheFlag/).
 The exercise will consist of a VMWare virtual machine image along
with a PDF of documentation for one potential route to compromise the
target.  The target is a fully working server with a complete LAMP
stack including a vulnerable web application.  This CTF should be fun
because I'm going to use PhantomJS to simulate users interacting with
any web applications installed on the target (making XSS attacks valid).

  In order to make the most of the exercise you should bring a laptop
with something capable of running a VMWare image (VMWare Player
(free), Workstation, Fusion, or even VirtualBox (free)).  I'll post
the exercise (including the target and documentation) up on
SourceForge following the meeting for folks who can't make it.

  As I'm going to try to bring CDs with the target VMWare image I'll
need to know how many to make.  If you plan to attend please e-mail me
at jukeane at sas.upenn.edu so I know how many to burn.

  Have a happy holidays and hope to see you all in January.

Cheers,

- -- 
Justin C. Klein Keane, MA MCIT
Senior Information Security Specialist
University of Pennsylvania, School of Arts & Sciences

The PGP signature on this email can be verified using the public key at
https://sites.sas.upenn.edu/kleinkeane
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iQIcBAEBAgAGBQJQzyaiAAoJEIH7slQlJAgKRfAP/iVFs9i4jYBef+wKeNUly5zQ
iKjrERk7RRq46rPVYa+gS1KxxLBd4FQWWkuaBlEtUgZN4Xggj6qZW8WG+9aM1/j/
f3DkholyZ4/3xZk13RkN31W5dtdE/pGxvkDHCUaPnOX/ZLj5am8+vEwYkN58t6CA
a5LSVy+TZir3QlsYK35sgKODdfI2FqlhZH4J5dBGj9V+HBt43vPxWBHKIEY6feV1
mcY7g6M3T0l4VsPM0DVQ/w4rbm7dWQK+I3rP3F9pIR6l4vZRwMjOpb8bR22Yzudk
S5efkovnSB6Fu9jn/GJ5ZroMXJIs7F5bo2hiaA5GIvJZiwvp90rI4zsKso3MyL6q
EokLHrRnUZFUP8tOSQ5IPz6um4hDHn9wC79VcsRCB3X03zwyO7cWoytkk8fWXUSA
TXPzgMo0RUAbBAL5afEYvIA7y7fejnFZYUBGunnJ42cS9zB50oMermpI1TtXeMJe
jUYJEI0MozWbMld/BaCioXa50kv71kt15X3XaEdFLZR9FLPdQu4TwXmqQOkVWQsZ
H0XbyiHguSmB8M7NqZq0j+VFoqwkjCFRdWnUUkzm4l4WtEWQ+QB0K+uXhpbrh56c
Vkf0CKBsNwDtHGB6F9dtoTnmkdOvVz7+t72KQOVy+QmrENbWNtcVFAUVtYDsGaPr
keZ5ZrMtmdPG6DwbxUQR
=Bxjn
-----END PGP SIGNATURE-----


More information about the OWASP-Philadelphia mailing list