Our GSoC student Eshaan Bansal was working for three months under the supervision of Matteo Lodi on the OSINT platform IntelOwl, specifically introducing a brand new front-end written in Angular and analyzers to automate integrations.
Read on for an overview of their achievements and how they successfully contributed towards IntelOwl and some considerations for the future.
Student: Vakaris Žilius
Mentor: Daniel Goldberg
During GSOC 2018, Vakaris worked with me on the Infection Monkey.
The Infection Monkey is an open source security tool for testing a data center’s resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self propagate across a data center and reports success to a centralized Monkey Island server.
Abhinav Saxena wrote this post as a project summary of his GSoC2018 experience.
The following features and changes were implemented:
After successfully participating in GSoC between 2009 and 2017, and having created or extended many honeynet technologies that have since gone on to become industry standard tools, we are very happy to announce that The Honeynet Project has applied to be a mentoring organization once again in GSoC 2018.
While last year’s GSoC saw significant changes to the program structure, the program has not seen major adjustments this year. We are very happy that the new payment model and the added third evaluation came to stay! At Honeynet, we collected extensive feedback from mentors last year and will use that to improve our students’ experience - more on that later. Based on the very positive feedback from last year, we’ll definitely continue to use our now not-so-new-anymore GSoC Slack channel and we are excited to talk to you there!
The Honeynet Project annual workshop is just few days away, members and security folks from all over the world will gather in Canberra, Australia November 15th-17th. Every year the Honeynet Project, with the support of Google, funds a bunch of students that were admitted to the Google Summer of Code program and successfully completed their project assignments. They will have a chance to travel to the workshop and meet face to face with honeynet members and grown up experts in the security field.
Issues Resolved: #72, #59
Description Glutton support number of services (protocol handlers) so each service mean number of connection on that service. So It crash after some time with error: [user.tcp] accept tcp [::]:5000: accept4: too many open files, and this error was due to the allowance of limited number of open file descriptors by the operating system. There was no deadline set for opened connections so most of the connections never get closed. In result, the number of opened connections gradually cross the maximum open file descriptors limit and cause panic. So I added connection timeout = 72 second, number of opened connection will never reach the open file descriptor limit. Another reason was Freki; Glutton useses freki as a networking core so freki handler crashes because of improper error handling in Glutton. So I improved error handling of protocol handlers and glutton stops crashing.
Previously, Tanner supported SQL Injection using SQLITE but since MySQL is widely used so it is badly needed in my opinion. Also with MySQL, Time-based Blind SQLI can be emulated which can’t be done in SQLITE based emulator. It is implemented using aiosql library using the same approach used in SQLITE emulation previously.
This emulator emulates Command Execution/Injection vulnerability.It is implemented using docker considering its safety features. I used Busybox as default docker image which provides a nice Linux shell, file system and most importantly very light in size. Attack is identified using the regex .*(alias|cat|cd|cp|echo|exec|find|for|grep|ifconfig|ls|man|mkdir|netstat|ping|ps|pwd|uname|wget|touch|while).* and then injected in the busbox docker image to get command injecion results.
This is a contribution by GSoC student Ziyue Yang, find him on Github yzygitzh.
My project for GSoC 2017 is Android Sandbox Detection and Countermeasure, which came out to be the ReDroid toolbox. This post was presented for the final evaluation of my GSoC 2017 project.
ReDroid is a toolbox for automatically detecting and countering anti-sandbox behaviors in Android apps. You can:
Before GSoC 2017 begins, my GSoC mentor Yuanchun Li discussed with me about the proposal for the GSoC project. Generally our goal was to develop some mechanism that can counter anti-sandbox techniques presented in Android apps.
The summer is coming to the end as well as my GSoC17 happy days. So, now it’s time to sum up the results and say goodbye to the GSoC until the next year.
Working on the Heralding project was awesome experience for me. I feel I did something helpful, fun and challenging at the same time. I hadn’t wanted anything else before the summer!
Hi, I’m Matthew Shao from China. This year, I got the honor to be selected as a Google Summer of Code student for the mitmproxy project. With the help of my kindly mentors Maximilian Hils and Clemens Brunner, I managed to improve the source code of mitmweb, which is a web interface for mitmproxy, and added some exciting new features for it. Here I’m going to present you the work I’ve done during this fulfilling summer.