HELP/IDEAS?! university project

thegavster
(@thegavster)
Posts: 22
Eminent Member
Topic starter
 

Hi guys, this is my first post to the forum and I'm also new to the forensics world. I am in my second year of a degree in digital forensics at university and it is going well, and I have just designed and investigated a simple experiment that was to identify where Nero Burning Rom stores cache on the HDD when a burn process is started. I've been asked to design an experiment project of my own.

I want the project to be fairly simple (in keeping with my skills; basic FTK, Helix and EnCase). I have a personal interest in wireless technologies, in particular wireless routers and penetration testing. I was hoping to do some kind of investigation into any data that can be recovered (e.g. web browsing) from a router device, when other sources of data recovery have failed? I'm not particularly sure of what to do, as I am new to the area.

Anyways, any simple experiment that can be suggested, wireless, pen testing or otherwise, will be greatly appreciated.

 
Posted : 11/12/2008 6:26 am
(@hinchy)
Posts: 7
Active Member
 

thegavster,

A simple, but interesting project might be to investigate the possibility of using grid computing to increase the effect of brute force attacks against wireless encryption standards (WEP, WPA2 etc).

A project like that would depend on a number of factors though
- What kind of programming skills have you got?
- Is your course purely forensics based?
- Is there someone in your faculty that would be willing to supervise? etc, etc

Hope that helps,
Hinchy

 
Posted : 11/12/2008 1:46 pm
(@sleepy)
Posts: 27
Eminent Member
 

Brute force attacks have recently gone "off the charts" with the advent of CUDA and GPU-distributed attacks. If you're going to look into brute forcing at all, I'd like to see some more expansions of the CUDA GPU cracker; there are a few already, but if you go in the game right away you could probably still pioneer something.

Some colleagues and I used 4 GPUs to crack an 8 digit (upper, lower, number, special symbol) ltfm hash in 1 day 9 hours! Amazing!

 
Posted : 12/12/2008 1:34 am
(@sleepy)
Posts: 27
Eminent Member
 

Nope, it was 4 ordinary laptops (the software allows for distributed attack) with various cards in them (the software requires 8000 series + NVIDIA GPUs).
This was really just a quick test by myself and 4 other students; we plan to do some more involved testing soon. I should also note that we have a single CPU running the same brute force software against the same hash and as of yesterday when I left the lab it estimated 106 years + before it achieves the same result. 😯

If any of you are actually interested in our amateurish testing, I'll see if the rest of the team would mind if I posted our notes here.

 
Posted : 12/12/2008 3:01 am
(@jeffcaplan)
Posts: 97
Trusted Member
 

> thegavster,
>
> A simple, but interesting project might be to investigate the possibility of using grid computing to increase the effect of brute force attacks against wireless encryption standards (WEP, WPA2 etc).
>
> A project like that would depend on a number of factors though
> - What kind of programming skills have you got?
> - Is your course purely forensics based?
> - Is there someone in your faculty that would be willing to supervise? etc, etc
>
> Hope that helps,
> Hinchy

Grid computing leveraged to increase the effectiveness of brute force attacks against WPA2…hmm…you mean something like this?

Considering that's already been done and commercialized, might I suggest something a little more original?

> I was hoping to do some kind of investigation into any data that can be recovered (eg web browsing) from a router device

That's not a bad idea, actually. Maybe investigate some of the various models of commercial routers out there to see what kind of data gets cached in memory while forwarding requests. I imagine there should be quite a bit…getting access to it would be the fun part.

Jeff

 
Posted : 12/12/2008 5:04 am
azrael
(@azrael)
Posts: 656
Honorable Member
 

> If any of you are actually interested in our amateurish testing, I'll see if the rest of the team would mind if I posted our notes here.

Very, please do!

 
Posted : 12/12/2008 1:47 pm
s1lang
(@s1lang)
Posts: 98
Trusted Member
 

> If any of you are actually interested in our amateurish testing, I'll see if the rest of the team would mind if I posted our notes here.

Ooooo yes please Sleepy )

 
Posted : 12/12/2008 2:47 pm
(@ivalen)
Posts: 30
Eminent Member
 

"My neighbor was using my wireless, or at least he used to"

Prove it.

 
Posted : 13/12/2008 5:58 am
neddy
(@neddy)
Posts: 182
Estimable Member
 

It seems to me that the topics mentioned are well beyond the normal scope of a BSc final year project and are more akin to an MSc. I would advise you to focus on a subject that you are familiar with and apply the knowledge attained from your BSc units to show how this teaching has assisted you in your project. This allows the project assessor to justify the curriculum and if the units have indeed helped you to produce a good report, I am sure this will be reflected in your mark.

> "My neighbor was using my wireless, or at least he used to"
>
> Prove it.

Ivalen has identified a very good subject that could be a lot of fun to investigate. I like Ivalen's idea as you could create a 'Honeytrap' router and record activity on the router from a vast range of scenarios. However, you may find the results of the experiment may relate more to user activity or statistics than pure digital forensics. Still, that's allowed is it not?

 
Posted : 15/12/2008 12:32 am
thegavster
(@thegavster)
Posts: 22
Eminent Member
Topic starter
 

OK, I've been thinking about this for a while and talked it over with my uni tutor. He agrees in saying it will be difficult to implement. One solution would be to simulate the firmware of the router or try to see if there is a "wireless router virtual machine" that you can use to simulate data.

I have used VMware before. But I have never come across a VM that can simulate any type of networking device (i.e. router, wireless AP, switch etc). Has anyone else come across this, or is anyone more familiar than me with virtual software that is capable of what I am trying to achieve? I'm going to look now…..hope someone can help.

BTW thanks everyone so far who has replied….big help!

Gav

 
Posted : 15/01/2009 4:43 am