Archive for November, 2010

KERNEL the heart of operating system

November 15, 2010 1 comment
Hi Friends,
    Most of us use Linux boxes we can identify and update our Linux kernels if any updates / patches released we know that how to patch /update the kernels but what about windows box , will windows use kernels ? The answer is yes no operating system will run without a kernel, kernel is the heart /mind for the operating systems. Then
Can we identify our windows Kernel versions? How?
Will Linux and windows use same kernel?
How can we update our kernels in windows?
What details can we get in kernel?
                We can identify our windows kernel, but we don’t have any direct option to get windows kernel version, but yes we can get them by some log entries and using some third party tools or from the registry entries.
    When we boot a windows box an entry is generated in event log with “EVENT ID 6009”.
    The log entry doesn’t indicate whether you booted the PAE (Physical Address Extension) version of the Kernel.    We can determine the PAE Kernel version in the registry entry HKLM/SYSTEM/Current Control Set/Control/Session Manager > Physical Address Extension.

Another Process to identify your kernel details by using System Internals tools like WinDBG. Open a local Kernel version using debugging session type “List Module” to list the details for the kernel image.

*please be sure the symbols are present.

We can check Product Type and Product Suite under HKLM/System/Current Control Set/Control/Product Options > Product Type and Product Suite.

Kernel is purely works on the base of HAL (HAL is a layer of code that isolates the kernel, device drivers, and the rest of the Windows executive from platform-specific hardware differences).

Linux and windows use different Kernels

By changing / upgrading our operating systems we can change the kernel versions till now Windows vista have WinNT and Windows server 2008 have Lanman NT / server NT as a product ID.

We can use tools like SIPolicy and Windows Driver Kit to get more details about Kernel.

Categories: cyberstack, Forensics


November 12, 2010 Leave a comment

ClubHack 2010


ClubHack has reached in its fourth year & we as a team are very happy as well as excited about it.

To add to our excitement, this year we have a very special guest who will add multiple stars on the shoulder of ClubHack

The fourth sequel event ClubHack2010 is scheduled on  4th, 5th and 6th December 2010 in Pune, India.

ClubHack 2010 will be organized in “The O Hotel”


Tickets for individual events of ClubHack2010 can be registered from link


ClubHack Day 1

On 4th of December

  • Keynote – By Bruce Schneier
  • Panel discussion on telecom security from national security perspective
  • Executive Lunch with Bruce Schneier.

ClubHack Day 2

On 5th of December

  • 9 Technical Briefings from ClubHack
  • 3 Presentations of Malcon

ClubHack Day 3

On 6th of December

  • 4 workshops

* this is tentative plan of the event. We might add a few more activities or change the schedule as per change of plans if any.

Capture The Flag

What’s a security conference without a grueling CTF?
But hang on, every time you attend an event in Indian you have a different CTF with no link to last partial efforts you put.
Well dear Sir, as you rightly guessed ….., tickle your very hacking bone Clubhack and null presents the Battle Underground Diwitiya (Version 2.0 continue)
Starting from ClubHack2010 this year, we’ll be having this CTF going from conferneces to conferences (ClubHack, NULLCon, c0c0n). An year long CTF?? Yes! year long. Keep playing the same CTF in each conference & start from where you left in last one.
The event promises to be filled with fun and exciting hacking challenges.
1. You can form teams(2 members) or play as an individual.
2. You have to bring your own laptop (bring your own inbuilt / addon wifi card to have some extra fun).
3. Live CD of popular security distro would help your cause but not all the time (Backtrack, Matriux).
4. You will get internet connectivity but to be on a safer side keep usb internet dongles handy.
It will be multi level hacking challenge. In each level you will find clues to the next level. The first team to finish the final level wins.
So if its an year long event, the prizes should also be in same way, right?
Moderation team will decide the percentage covered in each event & you’ll get same percentage discount in next event.
Say you cover up 30% in ClubHack, then you’ll get 30% discount on nullcon tickets & can continue to play from 30% in nullcon. If you reach 80% in nullcon, your c0c0n ticket will be discounted at 80%.
We know everyone would love t reach 100%, correct :)
And there would be some surprise prizes too.

Categories: General