PlaidCTF - no_mo_flo writeup

This weekend I joined team NeverTry on PlaidCTF. One of the interesting challenges that I attempted was the "no_mo_flo" reverse engineering exercise. The description provided was simple... Can you go with the flow? To begin with, we load the challenge in IDA Pro. After some parsing, we see the first step is to read 0x20 bytes from STDIN...

Linux ptrace introduction AKA injecting into sshd for fun

If there is one thing I've come to appreciate over these past few weeks, it's just how much support you are provided by the Win32 API. That being said, I wanted to tackle some Linux process injection, with the aim of loading a shared object into another process's address space without having to resort to LD_PRELOAD or stopping the process. The goal I set myself was quite simple: could I recover plain text credentials from the sshd process using ptrace? Granted, this is a bit of an arbitrary goa...

New Blog and the Technology that powers it

As you may have noticed, I've migrated my blog from Tumblr to a shiny Ghost powered engine. While it does feel like I'm leaving the social media buzzword bingo revolution behind, editing on Tumblr wasn't exactly made with lengthy InfoSec posts in mind. Of course, moving to Ghost in my case means provisioning and managing a new server, so I wanted to take some time to document the architecture of my solution in case anyone else is looking to make a similar change in the future. Hosting My hosti...

BSidesSF CTF - DNSCap Walkthrough

Of all the BSidesSF CTF challenges, I think this one has to be my favourite, combining packet capture analysis, scripting, frustration, and trying to beat the clock. The brief provided by the challenge was quite straightforward...