Friday 28 February 2014

ABS-FITA Cyber Security Seminar - Presentation

ABS-FITA : Cyber Security Seminar - An Experience


It was such a great honor to be invited to demonstrate our capabilities to the masses at the seminar. Believe it or not, although the demo was only 1 hour, it took me over 100 hours just to prepare the setup, ensuring my payloads work and the Anti Virus applications can be bypassed. The preparation was not as smooth as i hoped it would be.



The first time i prepped it and then showed it to a colleague, all failed! My Backtrack Linux wasn't working, the Xenotix unexpectedly hanged and it was such a mess. Then after hours and hours of reinventing the wheel, feeling confident and showed it to the internal staffs, again, it failed! Why? Why? Why?

Then came the day the organizers from the ABS-FITA to see the demo in the office. I prayed and i prayed and i prayed, please dont fail.. and thank God! It went smooth!


The 'Rehearsal'

The organizers told us to come as early as 7am to prep the stage and ensure the projectors and sound are all working. Well, to ensure that i would not be late by our 'reliable' MRT, i had to wake up as early as 4 am and leave the house at 5.15am reaching the Ritz Carlton hotel at 5.40am! There was no one around in the hall but without wasting time, i set up my machines and do a trial run on the whole demo process. Smooth...

During the Talk

While the event already started, instead of listening to the speaker, i was at the speaker's table with my two notebooks on, rerunning my demo process. Smooth....

During Lunch

Our presentation was scheduled at 4pm. In other words, we had 4 more hours before our turn. Everyone went to lunch but i was busy on stage testing my network (4G) connection and ensuring that i am able to send traffic within the tethered network environment.... Smooth...

Showtime

So when our turn begins, i was very nervous or in Hokkien (Gan Cheong), because i really really hope it will work. The problem was, its easier and more environment friendly doing the demo in front of an audience of hackers as they would understand if and when a Demo fails. But presenting it to an audience of business level, i need to ensure that everything must be perfect end to end... And here's the thing, it was all perfect until the part when i tried to connect into the database server's shell but connection was reset. I was like, Oh No! but my colleague who did all the talking coolly said "Looks like the connection was out, but he will try again. Not every hack is a perfect hack". And when i enter 'Exploit' and hit the Enter button.. loading...loading...loading and YES it went through!!! Total 'downtime' was 10 seconds! Phew!!!








Conclusion

I was glad to be able to show everything completely and as feedback-ed by the organizers "it was the highlight of the event". Some of the people came up to us and said they enjoyed the demo. Some said it opened their eyes after seeing it live. And finally, unexpectedly, i received a speaker's gift by the organizer... a Mont Blanc wallet! How nice!!

Next Week: Presentation @ Websense! 
Link: http://app.certain.com/profile/web/index.cfm?PKWebId=0x5770881342&varPage=info
Link to pictures: http://centres.smu.edu.sg/fita/events/photos-videos/cyber-security-seminar/

No comments:

Post a Comment