Programming, Electronics and Security!
Can you spot the difference? kitters cattos. They are also available at /problems/whats-the-difference… on the shell server In order to easily solve this challenge, I’ve used xxd and cut to generate an ascii hexdump of the images: Since I wanted to do a per character diff I wrote the following Python script: And finally run the script:
Hello, Here’s a quick article on how to bypass calls to ptrace when debugging a Linux executable. By calling ptrace with the PTRACE_TRACEME option, a process can detect if it’s being debugged and execute different instructions. This an effective anti-debugging technique. For example, take the following C program: If we execute the program from above we get Normal flow on … Read more
Hello, Here are some hints for solving the Debug Me challenge on HackThebox: Use a good debugger like x64dbg Use an anti-anti-debugging plugin like Scylla Hide. (read the instructions on how to install it) Step through the challenge and see where it takes you. Write-up: Debug Me Thanks!
Hello, Here are my write-ups for the X-MAS CTF 2019 organized by https://htsp.ro/. Reversing: Santa’s crackme Santa’s crackme is easy to solve when using Ghidra, all you need to do is open up the binary, read the code and use the XOR Memory script from Ghidra. Reversing: X-MAS: Lapland Mission Since this is an Unity game we can easily patch … Read more
Whenever I have to concentrate on some programming task I listen to the following playlist, it gets me going and puts me into a pleasant mood. 🙂
Hello, Here’s how I’ve solved the Bitlab machine on Hack The Box. Gitlab Access As usual we start of with a nmap scan: The scan shows an nginx web server and ssh. If we visit the web server we’ll find a Gitlab instance. Gitlab is used by developers to host their source code. I tried searching for exploits but nothing … Read more
Hello, I wanted to self host my WordPress blog and for that I’ve chosen Digital Ocean (referral link). Because I’m lazy and I don’t know how to configure web servers that well I’ve used DigitalOcean’s WordPress one click install, the package installed WordPress and did the following things: Enables the UFW firewall to allow only SSH (port 22, rate limited), … Read more
Hello, Here’s my write-up for the Traverxec machine. Initial Shell: google User Hint: Read the configuration carefully and `ls` dem directories, and don’t forget, you’re the web server! Root Hint: In linux you can configure commands to be executed without requiring a password. The password for the PDF is the root flag. Link: BananaPr1nc3-Traverxec.pdf
Hello, Here’s my write-up for the Reversing DSYM challenge from HackTheBox. PDF: https://1drv.ms/b/s!ApWG8dlpzmQV-F7NJOZ2GJ0-f0ZJ The password for the Write-Up is the challenge’s flag. To solve it I’ve used: https://ghidra-sre.org/ https://gchq.github.io/CyberChef/ Write a comment if you need a hint or something is not clear. Thanks for reading!
Hello, In this post I’m going to show you how quickly you can add a dark theme switch to your Vue.JS application. We’re going to start with a blank application. And then we’re going to create a dark-theme CSS file which we’re going to save in public/css/darktheme.css. This is how the application looks without any CSS. Now, we’re going to put … Read more