InCTF – India’s first CTF style Ethical Hacking contest

InCTF

Amrita University & TIFAC CORE in association with VeriSign proudly present InCTF’10, India’s First National “Capture the Flag” Style Ethical HACKING contest.

InCTF’10 is from February to March 2010 and is focused exclusively on promoting Cyber Security among the student community. You can participate from your own university and no travel is required. No prior exposure or experience in cyber security needed to participate.

Prerequisites

• Familiarity with any programming language.
• Working knowledge of any GNU/Linux OS is highly desirable but not necessary

Learn essential skills as you participate!!

What you need to do?

(a) Form a team (max five members from your college)
(b) Approach a faculty/mentor and request him/her to mentor your team
(c) Register online at http://inctf.amrita.ac.in/register.php
(d) Send a demand draft for and amount of Rs. 150/- per team to the address mentioned.

Hurry! You can participate as soon as your complete the registration. LAST DATE Feb 28th!
Exciting prizes to be won:
1st Prize Rs. 40000/-
2nd Prize Rs. 30,000/-
3rd Prize Rs. 20,000/-

Special Prizes

(a) Top 30 teams get CASH prize and Certificates of merit
(b) Faculty mentors of top 5 teams get special prizes
(c) College with the winning team will be awarded a “Champion University” award

(d) Winning teams will be considered to participate in an internship program at VeriSign for the next cycle which starts in July 2010
Here is your chance to win bragging rights to be called “India’s No.1 Ethical Hacking Team!!”

It’s simple Register, Learn, Hack!

More details visit us online at http://inctf.amrita.ac.in

Follow us on Twitter @inctf | Facebook
Event Sponsor : Verisign | Media Partner: InfoSecurity | Publicity: Event Poster

Beginning with LaTeX on GNU/Linux

Recently, due to some project work i had the need to learn to use LaTeX to create my documentation. But as i was googling around for it i found a plethora of stuff that utterly confused me. Hence, This document gives an overview of LaTeX and how get started with it on GNU/Linux

Introduction to TeX

TeX is a typesetting program created by Donald Knuth of Stanford University with the aim of composing quality content that contains a lot of mathematical and technical expressions. It is also suitable for producing all sorts of other documents, from simple letters to complete books. TeX provides Device Independent output(dvi) which contains details only regarding references to fonts and positions of characters on the screen. This output can be used by various printers to convert it to their desired format like pdf, postscript etc.

What is Typesetting?

A type is a way characters look usually called a font. Type-setting is the process of putting characters (of a certain type) in their correct place (layout) on paper or screen.

What is LaTeX then?

TeX by itself is a macro compiler i.e it maps a higher level instruction into a sequence of device independent instructions. LaTeX provides a set of useful macros, which uses TeX underneath to produce the device independent output. LaTeX was introduced by Leslie Lamport, a researcher i admire for his innovation. Similar distributions of TeX include ConTeXt, AMS-TeX etc.

Getting Started

There are 3 main things you ought to be aware of to get started with LaTeX

Writing TeX files

The TeX files is the ASCII specification i.e which is written in characters available on the keyboard. You can use any text editor of your choice to write it – vim, emacs etc..

Here are some good areas to get started on learning to write tex files.

An Example LaTeX specification

The (Not So) Short Introduction to LaTeX2e

This document by Tobias Oetiker is good for beginners

The LaTeX Cheat Sheet

Setting up LaTeX

Usually most distros of GNU/Linux come with latex pre-installed. If not please check your software sources for a TeX package or install TeX Live directly.

For Ubuntu you can install it by

$ sudo apt-get install texlive

Once done you have a plethora of options available to you

Converting TeX files

Convert the tex to dvi

$ latex program_to_convert.tex

Convert dvi to postscript

$ dvips -Pcmz your_dvi_file.dvi -o output_file.ps

Convert tex to pdf directly

$ pdflatex program_to_convert.tex

Convert postscript to pdf

$ pdf2ps your_file.ps your_file.pdf

Convert pdf to postscript

$ pdf2ps your_file.pdf output_file.ps

Note: This article is only to get you *familiar* with LaTeX only. For advanced use, you may refer the following

References

http://en.wikipedia.org/wiki/TeX

http://www.google.co.in/search?q=Latex

http://www.latex-project.org

http://en.wikipedia.org/wiki/LaTeX

http://selinap.com/2009/03/how-to-compile-latex-file/

http://www.tug.org/begin.html

http://en.wikipedia.org/wiki/Macro_(computer_science)

http://www-cs-faculty.stanford.edu/~knuth/index.html

LATEX

Vim : Things you thought you could never do Part I

When i first started out programming using Vim, my first reaction was “What a boring editor, ancient piece of crap” . So i started using gedit regularly. It was only recently that i was enlightened about the Awesome features of Vim!! So i thought i need to enlighten some of the vim critics out there.

*

Vim Modes

There are 2 main modes in Vim

a. Normal mode: The one when you open it initially in Vim

b. Editing Mode: When you press one of the following keys when in normal mode

i   –  insert at current position

a  -  insert AFTER current position

o  - open (create) a new line below current line

I  - insert AT START of current line

A – insert AFTER end of current line

O – open (create) a new line ABOVE current line

Here, as you can see they key ‘o‘ would turn out to be pretty useful.

Note: The following tips are useful in normal mode. The quotes are given only for understanding that they are strings. You dont need them while entering them in normal mode.

*

Navigation

To make navigation easier i.e to make use of the main keys on the keypad h , j , k , l are used. To remember better

a. h is on far left -> so stands for left

b. l is on far right -> so stands for right

c. Since j looks like it is somewhat pointing down -> stands for down

d. Obv -> k stands for up

*

Use of combos to achieve magic !

d- delete

c- change

w- word

b- word before

a. So type “wwwwww” (and) “bbbbbbbbbb” and see what happens. Cool right!

b. Similarly place the cursor before a word and type “dw” -> a word is deleted!

c. So now, you can make combo’s of the above letters to make super things happen

i. d6w – delete 6 words after cursor posn

ii. d6j – delete 6 lines down

iii. d4b – delete 4 words before cursor posn

iv.  cw – change current word

etc. etc…. All this just in a few keystrokes !!

*

Auto-complete Feature

Lets say i am typing a document/program and i repeat the use of many words/keywords. The auto-complete feature shows me a list of complete options allowing me to fill in the word of my choice

Ctrl – P – Search previous

Ctrl – N – Search Next

Once the a drop-down of possible options(for multiple fills) is shown, go down to the appropriate one and press <enter >

Try it out!

*

Visual Mode

Now, we are always faced with the stigma as to

“How do i select multiple lines without a mouse? How do i copy/paste/delete multiple lines”.

Vim has the solution in the form of the “Visual Mode”

*

1. Type “v” – allows you to select multiple characters

2. Type “V”(Shift-v) : allows you to select multiple lines

*

Once youve selected the lines, you can  use

*

a. “d” – to delete

b. “y” – copy (short for yank)

c. “p” – paste (once you have copied)

d. Use “<” and “>” to indent left and right

e.  “o” moves to start and of select

*

Other useful shortcuts

“dd”-delete current line

“d2d” – delete 2 lines

“yy” – yank current line

LOOK OUT FOR PART 2 !! Coming up soon!

Modelling Automata using Graphwiz API

An automata can be implemented in 2 ways.

1. Linked List representation

2. Matrix representation

I implemented a program in JAVA to model an automata(deterministic) in a Matrix structure and represent it graphically as shown to the left. The graphical representation was done by using the Graphviz JAVA api.

Eg. The Automata shown can be represented in matrix form as

a   


b   




S0 


S3


S1




S1    


S2


S1




S2    


S3


S1




S3    


S0


S3

I have uploaded the code at github, you can download it here

STEPS TO RUN

1. First compile the source files

$ javac FiniteStateMachine.java

$ javac GraphViz.java

2. If both compile  successfully, run

$ java FiniteStateMachine –filename <input_file>

3. By default, if you have evince reader, the gif file should pop up instantly, else edit the code and remove the System command being executed.

4. For more help run

$ java FiniteStateMachine –help

A Transducer for Removing Comments in a file

Automata generated using Graphwiz API

The workflow of stripping comments from a C file from a file can be modelled using the following automata

• Set of States = {S0,S1,S2,S3,S4}
• Set of alphabets(A) = {set of all ascii characters }
• Start State = S0
• End State = S4

This can be converted to a transducer such that whenever the System reaches state 0 , the character is printed on console

I have developed a program for stripping coments based on this automata. The automate on the left was generated using GraphViz. See http://varrunr.wordpress.com/2009/12/10/modelling-automata-using-graphwiz-api/ for more.

You can download it here ( git repository)

Instructions

Run as

$ ./ strip_comment <input_file>

The Documentation was generated with Doxygen and is present in Doc folder

License : GPL

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/

My experience @ foss.in 2009

foss.in 2009, the biggest event in India promoting Free and Open Source Software, was held from Dec 1-5 from Bangalore. Though the event was for 5 days, i decided to attend only for 3. The organization of the event was impeccable starting from the registration cards to the set-up of the stalls . What i found different this time @ foss.in, from other conferences i have attended, is the “Workout” sessions, where diverse people with a common interest in an OSS project get to actually sit down and “hack” a set of goals to be achieved over the next few days (http://workouts.foss.in/2008/index.php). The talks were going on in parallel in Audi’s 1-3, while the actual hacking was taking place in the first floor where a number of tables, routers, and power strips were set up. Every day had a distinguishing project of the day, where the team organizing it would give a comprehensive overview on the different aspects of the project and how one can contribute.I was actually surprised to see a school kid as a delegate for the contest . It’s good to know FOSS has a far reach.

Though the talks were informative, i have always wondered “how much can a person convey in an hour”. One of the better talks were on “Haskell Internal’s” by Ramkumar Ramachandra. One trend i have noticed is that many pure Physics students are a lot into contributing to FOSS, and Ramkumar was one of them, an M.Sc. Physics student.  The talk on Sandboxing in Linux was also pretty informative.  The person in charge of the Debian workout Kartik Mistry also gave us an idea on how to get started contributing to Debian. The main focus of foss.in 2009 was development in KDE, Maemo, libyahoo2, Fedora, Debian and Sahana. I also found some innovative projects for Finance management etc. One interesting project was the Fedora Security Spin, which aims at being the first security distro to be released with a proper release and update channel. That is the advantage it has over others like Backtrack, Devl etc.

I thoroughly enjoyed myself in bangalore, though i wish i was able to contribute more to the workout sessions. But now with an idea and vision for the next foss.in, i wish to become an active contributor to mainstream open source projects like Debian, Ubuntu and KDE. Seeing many students from their second and third years presenting, i hope an active community within Amrita can be formed, with the mission of atleast 2 people being speakers at the next foss.in. Check out the photos!

Introduction to Automata

What is an automaton?

An automaton is a recognizer i.e given an input language, it recognizes if a string is a part of that language.

For Eg. English is a language comprising of alphabets ‘a-z’, “beethoven” word is a valid string of the language. At the same time “!a89rr” is an invalid string.

Terms involved in modeling a Finite State machine

Start State – The initial state of the system when no interaction has taken place yet

End/Accepting State – The state(s) that indicates the successful operation of a system (Eg. acceptance of a string)

Transition – An action which triggers the change of the system from one state to another

Mathematical Definition [ Wikipedia ]

A deterministic finite state machine or acceptor deterministic finite state machine is a quintuple (Σ,S,s₀,δ,F), where:

• Σ is the input alphabet (a finite, non-empty set of symbols).
• S is a finite, non-empty set of states.
• s₀ is an initial state, an element of S.
• δ is the state-transition function: (in a nondeterministic finite state machine it would be , ie., δ would return a set of states).
• F is the set of final states, a (possibly empty) subset of S.

Graphical Representation

An automata is represented graphically using a state diagram where each state is represented by a circle and transitions are represented by arrows labeled with the input alphabet causing the transition.

Finite State Machine

Eg. A Finite state Machine which recognizes if the input string has even  number of zeros

There are only 2 possible states for a string “Even number of zeroes” or “Odd number of zeroes”.The initial state, an empty string has even zeroes. Hence, the start state is the end/accepting state. This FSM can be represented by

Even -> 1  =  Even
Odd -> 0= Even
Even -> 0=Odd
Odd -> 1=Odd

Here, ” ->  ” represents a transition  and ” = ” represents the change to the next state. [ Assumed ]

The language accepted by the FSM is {00,100,1100,110000,10000, . . . } . The set of strings generated is infinite

Ranking of US univs for Computer Science

For all the computer science undergraduates aspiring to do an M.S / Ph.D. in the U.S, i found some info i thought i should share.

Rankings US News 2009 (Computer Engineering):

Massachusetts Institute of Technology
Stanford University
University of California–Berkeley
Carnegie Mellon University
University of Illinois–Urbana-Champaign
University of Michigan–Ann Arbor
California Institute of Technology
Georgia Institute of Technology
Cornell University
University of Texas–Austin (Cockrell)
Princeton University
Purdue University–West Lafayette
University of Southern California (Viterbi)
University of Wisconsin–Madison
University of California–Los Angeles (Samueli)
University of Washington
University of Maryland–College Park (Clark)
University of California–San Diego (Jacobs)
Pennsylvania State University–University Park
Columbia University (Fu Foundation)
Harvard University
Ohio State University
Rice University (Brown)
Texas A&M University–College Station (Look)
University of Minnesota–Twin Cities

Rankings U.S. News 2009 (Computer Science):

Massachusetts Institute of Technology
Stanford University
University of California–Berkeley
Carnegie Mellon University
University of Illinois–Urbana-Champaign
Cornell University
Princeton University
University of Washington
Georgia Institute of Technology
University of Texas–Austin
California Institute of Technology
University of Wisconsin–Madison
University of California–Los Angeles
University of Maryland–College Park (Clark)
University of Michigan–Ann Arbor
Columbia University
Harvard University
University of California–San Diego (Jacobs)
Purdue University–West Lafayette
Brown University
Duke University
Rice University (Brown)
University of Massachusetts–Amherst
University of North Carolina–Chapel Hill
University of Pennsylvania
University of Southern California (Viterbi)
Yale University
Johns Hopkins University
Pennsylvania State University–University Park
University of Virginia

Funny, yet so hard to laugh

One of my friends,  from the Mech dept. had a problem when he reinstalled his Windows XP while having a dual boot of XP and Ubuntu. Since,  XP  was not loading he called to me for help in recovering his XP via gchat!

I started of with asking him explicitly “What does your menu.lst” contain? and he replied “Empty” . Well, then i came to realize that his system was majorly screwed up. Hence, i started dishing out a flurry out commands to debug the issue, and asked him to give me the output. This process took half an hour and i constructed an entire new menu.lst for him. Before i was going to send it to him, just out of curiosity i asked him to run a “ls /boot/grub”, and check if a file menu.lst exists. and HE ANSWERED YES!!

I was quite angry then for making him waste my time, but still continued to help him. I asked him to modify his menu.lst so he could boot it properly. His system was yet not booting.

Then came the FINAL REVELATION!! It turns out the the problem was on the DESKTOP, while he was running all the debugging commands on his LAPTOP !!! At that point I did not know whether to LAUGH or CRY ?

Now I understand the reason why newbies get flamed in discussion forums for asking dumb doubts. It is not because of the nature of the question alone, it is prejudice based on their past experiences

Search your history of commands

I just recently discovered that one can search a history of commands(in BASH) in  a few keystrokes , rather than the ancient way of pressing the up arrow till you see it or eventually doze off

Press Ctrl + R

Start typing the command u want to search for( it starts autocompleting)

Once you reach the right command -> Type Enter

Happy Searching