CSAW CTF 2014 - Forensics 100: "dumpster diving"

This was the first forensic challenge. It starts with the following text:

dumpsters are cool, but cores are cooler

Written by marc

firefox.mem.zip

Unzipping firefox.mem.zip

The given file has a funny extension .mem.zip. Before we go ahead and unzip it, let's try to learn ...

CSAW CTF 2014 - Forensics 200: "why not sftp?"

The purpose of this problem is to teach the need to encrypt your data. The FTP protocol sends clear text over the wire, i.e., the data is transmitted without any encryption. SSH/Secure File Transfer Protocol is a network protocol providing secure file transfer. Using SFTP, instead of ...

CSAW CTF 2014 - Cryptography 200 - Psifer School

This is the first crypto-problem, and it was supposed to be the easiest one. For this reason I was expecting simple cryptographic algorithms, which turned out to be true.

The problem starts with the following text:

There's no heartbleed here. Why don't we use these ciphers?

nc 54 ...

A Lit Backdoor

I was never a big fan of MacBooks. Being a penguin user for so long, you learn to stop worrying and love the bomb. But here is a little trick that works for both.

On the victim's machine (presumably a MacBook), create the reverse shell in the port ...

Getting your Public IP from the Terminal

Public IPv4 addresses are assigned by NIC and belong to CIDR blocks that are unique across the entire internet.

In this little post I show many ways to find your public IP address from the Linux terminal.

Using Curl

You can simply curl it from IP websites:

$  curl ifconfig.me ...