Saturday, 2 October 2010

A Demolishing analysis of Ankit Fadia's Ethical Hacking Seminar - Overrated, Overhyped & Pure waste of Time


Ankit Fadia's Ethical Hacking Seminar True Analysis: Review by Rishabh Dangwal

SOURCE: PROHACK


according to mrprohack(rd)

And there we go, I came to know about the renowned Ankit Fadia coming to my humble college & I was wondering if he will be different from those other security organizations who teach computer security & ethical hacking.
He was worse.
No offense to Mr Fadia, but actually I was quite saddened by some of the questions which he asked-
How many of you use Google as a search engine ?
(Almost all of hands raised)
He Proclaimed - STOP USING THEM !!
How many of you use email services like Gmail, yahoo?
(A lot of hands raised)
He Exclaimed - STOP USING THEM !!
How many of you use internet ?
(again..some of hands raised)
STOP USING THEM !!
And behind the above "Stop Using Them!!" there were some cheesy reasons of privacy invasion & record tracking. I wondered why he was not educating about how to use services like Scroogle/TOR/SOCKS for safe surfing (albeit nothing is safe, but still, they provide a greater degree of anonymity). Then.. it all began.
Part 1 - Screwing the Proxies
Then the hacking prodigy demonstrated his magical wits by recommending Russian proxy servers cuz "they were maintained by criminals" & "they kept no logs".
F**ING BULLSHIT !!
Why the hell ! We can never trust a proxy if it keeps logs or not, that's why we always use SOCKS & proxy chaining to get the work done, even when I start something casual, I chain 10 proxies using a TOR network to get the work done, & that guy was recommending anonymizer.com & anonymizer.ru . And we shall trust a Russian proxy cuz it's maintained by criminals ? What an oxymoron ! His ace in the hole in the proxy demo was the Princeton university proxy list where he claimed that to block all of the proxies it will need 413 individual tries ! A friend of mine asked -
"Well Mr Fadia, what if you block the Princeton university site ?"
Pat came the nervous reply -
" Appoint a junior of yours to go into local cybercafé to get the list, Xerox it and distribute in college"
Pure F**king Genius !
He went on to use SPYPIG to get the IP of any person using an image, but he didn't get to the point of what happens if a person has disabled image viewing on email. Anyways.. it all ended with a lot of questions which he dodged by saying that there will be a query session in the end. Ah well..

Part 2 - the infamous NETBUS DEMO
I patiently waited to ask him some questions regarding IP evasion & anonymity but he started to demo the NETBUS Trojan. Without any logic he went on to demonstrate how he can open his CD/DVD drive on his DELL Studio 14" (by installing a Trojan server on his own laptop & executing commands on local loopback & he didn't explain it, that's why it's in f**king brackets !). On getting a chance from my trusted roommates & event co-ordinators Sumit Dimri & Varun Kumar Singh, I asked him 2 simple questions (of course I already knew the answers) -
  • What happens if a person is behind a NATBOX/Router/Firewall, then there is no use of getting IP, it might not be forwarded at all. What then ?
  • Trojans are invalid against Linux. What can you do to break into Linux Security ?
He responded by dodging the first question & diverting it to a social awareness bullshit & some problem solving (which I can't seem to remember cuz it was irrelevant). The second question was answered by saying that Windows is insecure & I myself use Ubuntu Linux at home.

Again..Pure F**king Genius !


From that point I got the point that he has no point :D
We moved on to the Steganography / Final session then.


Part 3 - the Steganography / Final session

The steganography session was started by exclaiming that he was contacted by FBI on 9/11 attacks (which I already knew as a matter of fact is fake courtesy of Attrition.Org & various LUGs out there) & they used images of sexy women to transmit data into them. He used a tool to hide text data into an image & reverse it, nothing special, if you have been a reader of my blog I guess you probably know that Nettools allow you to do that. Then he demonstrated Bluetooth hacking by using bluesnarf (just a scan) & website hacking using SQL injection (again.. nothing special) with no logical explanation of how the injection worked. The session ended with "Roadside Sign hacking" in which he displayed pics on the projector of road signs hacked by hackers in USA, Australia & other countries.

He then began to advertise Dell laptops & the highly prestigious (READ: BELOW AVERAGE) AFCEH course conducted at Reliance Webworld. Then he ran away cuz he was running short of time & no Query Session was conducted.

Aftermath : Pure F**king Genius !

I guess you realize what I felt for the whole seminar & the whole Ankit Fraudia oops.. Fadia hype..
