Monthly Archives: June 2012

sCTF 2012

This is a great opportunity for all the students from India. Do participate and learn more about security!

Amrita University & TIFAC CORE
proudly present
sCTF ’12

National Level “Capture the Flag” style ethical hacking contest

Not a day passes when several machines are compromised and infections spread rampantly in the world today. The cyber world has witnessed several dangerous attacks including the Stuxnet virus and it’s successor Duqu. The most recent such attack is the Flame infection, in which the virus managed to disguise itself as a legitimate Windows software. It exploited a bug in Windows to obtain a certificate which allowed itself to authenticate that is was from Windows.

Indian websites too offer little or no resistance to such security intrusions. The Computer Emergency Response Team, India(Cert-In) has been tracking
de-facements of Indian websites and more. Their report can be viewed here. It’s really sad that with so much talent and skill, Indian websites are compromised frequently and nothing can be done to stand this wave of attacks on them.

sCTF is a Capture the Flag style ethical hacking contest, a strategic war-game designed to mimic the real world security challenges. Software developers in India have little exposure to secure coding practices and the effects of not adopting such practices-one of the main reasons why systems are compromised quite easily. Following such simple practices can help prevent such incidents. sCTF is focused exclusively on the student community. No prior exposure or experience in cyber security needed to participate. There are 3 rounds in the contest-the first rounds provide some necessary skills required to perform in the subsequent two rounds.

sCTF is being organized along with the 1st International Conference on Security of Internet of Things to be held at Amrita Vishwa Vidyapeetham, Amritapuri from 17-19 August 2012. Teams who qualify to the final round are fully sponsored to attend the conference and the event on-site. This is a golden opportunity to interact with the best security researchers from around the world! For more details, visit http://securit.ws.

What you need to do?
1. Form a team (max five members from your college)
2. Approach a faculty/mentor and request him/her to mentor your team
3. Register online at http://portal.inctf.in

Great Rewards

25K

15K

10K

The winning team receives a cash prize of up to
Rs. 25000/-

The first runner-up team receives a cash prize of
up to Rs. 15000/-

The second runner-up team receives a cash prize
of up to Rs. 10000/-

So, what are you waiting for? It’s simple: Register, Learn, Hack!

Notes:
1. Only four machines will be provided to each team-3 player machines and 1 gateway. Players cannot use any
additional machines. Also, collaborating with players(s) remotely is not allowed and any team doing so will be
disqualified from the event.
2. The expenses of only 3 members will be covered. Their conference fee will be waived and we will reimburse
upto a second class sleeper fare(2S). Each of the 3 members will be required to submit a copy of their tickets
in order to be eligible for reimbursement.
3. The remaining members, if any, have to register for the conference at the website and have to bear all
expenses they incur.
4. The final round will be on 20th August, 2012. The team can attend workshops and the conference from 17th
to 19th August.
5. Accommodation will be available from 16th, August 2012 night to 20th August 2012 night. Kindly plan your
travel accordingly.

If you have any clarifications, do get in touch with us.
Website|Email|Facebook|Twitter

*Cash prizes are subject to their performance and participation in the CTF round.

Advertisements

Emscripten- Getting started

Imagine that you have written a very large project in C/C++ and now you want the same in Java Script. Will you start writing each piece of code in Java Script? Isn’t it too tedious?

Emscripten is an open source LLVM to JavaScript compiler. Using which, you can compile C and C++ code into JavaScript and run it on the web. This avoids the need to write the whole bunch of code program from the scratch.

Some of the requirements before using emscripten:[1]

  • The Emscripten code, from github (git clone git://github.com/kripken/emscripten.git)
  • LLVM with Clang (3.1 is the officially supported version)
  • Node.js (0.5.5 or above)
  • Python 2.6

The LLVM Project is a collection of modular and reusable compiler and toolchain technologies. Clang is a new C/C++/Objective-C/Objectice-C++ compiler being developed on top of LLVM. This must be a good replacement for gcc.

Here are the steps to build and install clang. [2]

  1. mkdir /path/to/clang-build
  2. cd /path/to/clang-build
  3. cd llvm/tools
  4. cd ../..
  5. mkdir build
  6. cd build
  7. ../llvm/configure –enable-optimized –disable-assertions
  8. make && sudo make install

Node.js: In order to execute the JavaScript you intend to run in the backend, it needs to be interpreted and, well, executed. This is what Node.js does. [3]

1. git clone https://github.com/joyent/node.git
2. cd node
3. ./configure
4. make
5. sudo make install

Once you have successfully done this. The next step is to setup emscripten. You can run emscripten by typing ./emcc. This ma throw some error if the path to clang and node is not correct.

Now we can compile the first helloworld file using emscripten.

./emcc tests/hello_world.cpp
  node a.out.js

Hello world! gets printed 🙂
Hope this post helped you get started with emscripten.

[1] https://github.com/kripken/emscripten/wiki/Tutorial
[2] http://ehsanakhgari.org/blog/2011-10-18/why-you-should-switch-clang-today-and-how
[3] http://samcaldwell.net/index.php/technical-articles/3-how-to-articles/120-how-do-i-install-nodejs-on-ubuntu-1004