CSAW CTF 2014 - Reverse Engineering 100: "eggshells"

This is the first exploitation problem and it starts with the following text:

I trust people on the Internet all the time, do you?

Written by ColdHeat


Unzipping and Analyzing the Files

Let’s unzip the provided zip file:

$ unzip eggshells-master.zip

This creates a directory called eggshells-master ...


CSAW CTF 2014 - Networking 100: "Big Data"

This is the only networking problem, and it is only 100 points, so it turned out to be very easy.

The problem starts with the following text:

Something, something, data, something, something, big

Written by HockeyInJune


Inspecting the Wireshark File

The file extension .pcapng corresponds to files for ...


CSAW CTF 2014 - Forensics 200: "Obscurity"

The third forensics challenge starts with the following text:

see or do not see

Written by marc


Hacking PDFs, what fun!

In general, when dealing with reverse-engineering malicious documents, we follow these steps:

 1. We search for malicious embedded code (shell code, JavaScript).

 2. We extract any suspicious ...

CSAW CTF 2014 - Forensics 100: "dumpster diving"

This was the first forensic challenge. It starts with the following text:

dumpsters are cool, but cores are cooler

Written by marc


Unzipping firefox.mem.zip

The given file has a funny extension .mem.zip. Before we go ahead and unzip it, let's try to learn ...


CSAW CTF 2014 - Forensics 200: "why not sftp?"

The purpose of this problem is to teach about the need for encrypting your data. The FTP protocol sends clear text over the wire, i.e., the data is transmitted without any encryption. SSH/Secure File Transfer Protocol is a network protocol providing secure file transfer. Using SFTP, instead of ...


CSAW CTF 2014 - Cryptography 200 - Psifer School

This is the first crypto-problem, and it was supposed to be the easiest one. For this reason, I was expecting simple cryptographic algorithms, which turned out to be true.

The problem starts with the following text:

There's no heartbleed here. Why don't we use these ciphers?

nc 54 ...


A Lit Backdoor

I was never a big fan of MacBooks. Being a penguin user for so long, you learn to stop worrying and love the bomb. But here is a little trick that works for both.

On the victim's machine (presumably a MacBook), create the reverse shell on port 1337 ...


Getting your Public IP from the Terminal

Public IPv4 addresses are assigned by NIC and belong to CIDR blocks that are unique to the entire internet.

In this little post, I show many ways to find your public IP address from the Linux terminal.

Using Curl

You can curl it from IP websites:

$ curl ifconfig.me

You ...


Getting started with LAMP and CodeIgniter

Tue 25 February 2014 Category DevOps

LAMP is an acronym for a model of web service solution stacks: Linux, the Apache HTTP Server, the MySQL relational database management system, and the PHP programming language.

Building a MySQL Database

We will use a web interface to access data in our database:

  • Login with your root login/password ...


JavaScript: Crash Course

Sat 15 February 2014 Category DevOps

Installing & Setting up

JavaScript (JS) is a dynamic computer programming language. Install Google Dev Tools to proceed.

JavaScript 101

To include your example.js in an HTML page (usually placed right before will guarantee that elements are defined when the script is executed):

<script src="/path/to/example.js"></script ...