Tag Archives: IRC

Setting up Slack for MiSec

Some time last year, I wrote a post about setting up an IRC client on my VM. The idea was that since it’s always online, I’d always have the chat history for the #misec IRC channel. That way I’d never miss a mention or interesting conversation.

Since then, a lot has changed and I don’t connect to that machine as much as I used to.  I had to restart it a few times so the “always online” theory quickly fizzled out as well. I found that a majority of my MiSec conversations were on twitter or in person.

Why Slack?

At the RuCTF, we used misecredteam.slack.com to transfer notes and share files. For those that don’t know about Slack, it’s a modern chat client. While it may be just another messaging app to some people. I’ve used it through college, at work, and for groups like MiSec and lansing.codes. There’s been talk about trying to get an official MiSec slack channel.

During the November Lansing social, we did just that and misecgroup.slack.com was created. Later that night I found a project on Github that had a “push button” solution for creating a auto-invite application on heroku.com. Shortly after setting that up, I was able to tweet out the URL and people starting joining the new channel. If you’d like to set up a similar invitation application, then read the Github description and press either the Heroku or Azure deploy buttons based on what service you want to use to deploy the application.

How it works

The app works great. Heroku even took care of a lot of the hosting details, like handling TLS. Within a day, the channel had 30 members and I didn’t have to manually invite anyone. The only change I made to the app was cosmetic. I didn’t like the gradient background so I replaced it with a more “cyber” background. In order to change the application, I had to fork the github repository and connect it to my Heroku app. I used git and the Heroku CLI to do the heavy lifting. To change the background I simply replaced the bg.jpg in the images directory and redeployed the app.

IRC or death

A lot of MiSec members prefer to stay on IRC. In an attempt to accommodate their preferences, I opened an IRC gateway to connect to the channel from their favorite IRC client. However that still requires to be on the #misec IRC channel and the irc channel for MiSec slack… The only thing more annoying than having to be in multiple chats is being in multiple chats for the same reason.

So I found an alternative with the help of some MiSec friends. Another Github project called slack-irc.  The bot uses nodeJS to run, so hopefully anyone attempting this themselves have some experience with npm. Slack-irc made it possible to set up a slack bot that integrates with another IRC channel. So now #misec is in misec.slack.com’s #general channel and vice versa.

Demo from GitHub, show's how it looks for each client.
Demo from GitHub, show’s how it looks for each client.

Becoming a Slacker

If you’re interested in joining the MiSec slack channel, follow the steps below:

  1. Get an invite by going to misec.herokuapp.com and entering your email address you’d like to use for the account
  2. Finish creating an account for the channel
    (Please note the team URL is misec.slack.com)
  3. Sign in from a Slack application on whatever device you prefer if you don’t want to use the web client.
  4. Optional: Go to https://misec.slack.com/account/gateways for instructions on connecting over IRC

Found a group, sticking with it.

GrrCon 2015 is in October, it’ll be a great conference with a lot of talks. It’s the first con I’ll be able to attend. The tickets are a little expensive and I was unsure about going since this would be my first conference… Not to mention I’m still trying to get through college and I’m tight on money. So of course, I’m volunteering! I’ll be working my butt off to get you the best Con possible while making all the connections I can. I shared this on Twitter and my post was noticed by a #MiSec member and I was invited to a social night. MiSec is the first real hacking group that I’ve been able to attend in person. At the social, I met new people and they showed me a lot of things. I picked a few locks, heard stories of previous cons and some awesome presenters. I was inspired to give this group my all, while learning all I can. This is a valuable stepping stone on my way to becoming a hacker.

If you read my sappy intro, then you’ll be happy to getting to this part. #MiSec has a IRC channel on irc.freenode.net  and there’s many ways to get on that channel. There’s a lot of people there who can teach you a lot but beware it can get a little spicy. A quick and simple way to log on is on irccloud.com. I was on in about an hour and meeting more people.

One of the members helped me set up irssi on my Virtual Machine with screens. This website and greenjam94.me is hosted on a little box that wasn’t getting much use besides web hosting. Now, it’s continuously connected to the IRC channel and logging every single post. Which I find awesome, I’ll never miss a single tip or trick! (or so I hope).

Setting it up was was really easy, I followed along with this beginner guide which was useful. It also helps to be in touch with someone who’s done it before. After that, it’s all set up, I can SSH into my server from anywhere. type “screen -rd” to reconnect to the permanent IRC connection and start talking to all my new buds.

Some commands I want to remember for this:
Screen
$ screen -rd   – reconnect to last screen
ctrl-a #          – go to screen #
ctrl-a c           – create screen
ctrl-a k          – kill screen
more found here at: rackaid

irssi
/win #            – Go to win #
ctrl+n           – next window
ctrl+p           – previous window
/LAYOUT SAVE               – save windows
/SAVE            – save default theme
more at: irssi docs

Step 1: Join the community

When people say “I want to be a Hacker” a lot of people don’t know where to start. Google is a good option but there’s a lot of dead ends, if you try to find “How to hack my friend’s Facebook account” you’re more likely to find a way to get a virus then to actually find a way to get into Facebook.

Step 1 to becoming a Hacker:

Find communities both online and local. Now, Hacker is the buzz word here, but most of the information security professionals have more “proper” names such as: Penetration tester, Incident Responder, or Forensic Analyst.

Find a title a little more specific that you want to become, and you’ll find a more reliable answer. For instance, if you want to break into companies code, then you should look at penetration testing. If you want to do the opposite of that, look at incident response. These will help you find the right group to help you learn.

There are forums, IRC chats, and tutorials online that are very beneficial to learning information security. Finding experienced people willing to help you along the way is also an amazing advantage. It all depends on how you want to learn. There’s a lot of different kinds of communities. Do not be afraid to find a few to find your favorite.

Joining local communities are the fastest and possibly the most fun way to get into hacking. There are hackerspaces, groups, and classes; where you can learn quite a lot. It’s the same group of people, and there is a massive amount of experience pooled between everyone, it’s harder to not learn anything then to learn something. But one of the most important opportunities are the conventions!

Why go to Conventions if you have a community?

There was a convention in Washington DC that covered three tracks: “Build it, Belay it, Bring it on”.  This convention was so popular that their tickets sold out in 5 minutes. Going to conventions is important because it’s a way to meet other people who really know their field. You are learning from the best when you go to conventions like Shmoocon or Defcon.