Saturday, December 16, 2017

Hacksmith V1.0

10 teams took part in a hackathon hosted by Division Zero (Div0) partnered with Black Hat Asia, on 16 December 2017. Our team of 3, Pentest, consisted of, Ashley Tan, Davis Zheng Yang, Lai Yong Rong. Our goal was to achieve something simple that can solve a common problem that people may face without know it. We started off with 3 ideas, then came up with the topic QR codes. QR codes are frequently used in applications like Whatsapp, Advertisements, not excluding banking apps, DBS’s Paylah, OCBC’s Pay anyone, and Wechat. We decided to come up with a QR scanner that checks URL for malicious virus that could possibly infect device. With the help of ‘ZXingScanner’ library. After that we had to come up with a way to check for infected links and we went with Virustotal’s database. Although more things could be done for example, creating database that could help to deal against phishing links, due to the lack of experience and time this was the best we could come up with in the given twenty-four hours.

All in all, it was a great experience for us as we manage to learn new ways to tackle the infocomm industry with methods that we were not aware off.

Our class was notified that there was a hackathon taking place during a pyc lesson where Ms Junie Tan suggested we take part and so our team consisting of Ashley, Me and Yong Rong signed up to compete in the hackathon. We needed to arrive at the venue which was NTU’s nest at 9 sharp after we were briefed on what we should do and what would be happening, after which we started brainstorming for ideas. We decided to use java to program as that was what we were strongest in and came up with a few decent ideas, such as a qr scanner that would check for malware against a database and a program that would scan and check current existing cookies as well as notify the user when a cookie was being created. We all started work on our individual projects. However after noon, the rest of us abandoned our own projects and decided to go with Ashley’s idea as it seemed to be the most interesting, useful and most relevant. At around 9 the next morning, the 5 judges arrived and we had to present to them our idea and the program that was written. Over the course of the night, many of our fellow contestants dropped out as they couldn’t handle staying for 24hrs, so we had significantly fewer competition, during the presentation, the other groups presented amazingly thought up ideas and implemented them perfectly, such as one which was meant to outreach to people and show them the dangers of phishing by preparing a tool which could perform 3 different types of phishing attack.

Written By Davis DISM1B03