RingZer0team CTF - Challenge 65

Posted on Sat 24 June 2017 in Security • Tagged with Security, Tech, RingZer0Team

This is a continuation of my series on RingZer0Team.com.

Challenge 65 ("Hide my ass in my home", under the Forensic challenges) is a nice quick little forensic challenge. You get to download a .tar file, and do a bit of digging to uncover the flag.

This was a nice easy few minutes. After downloading the archive, I discovered a few files inside - including a particularly groovy electronica swing track, which I'm listening to again right now. Yeaaaaahhhhh.

Apart from a groovy mp3, the archive contains some dot-files such as …


Continue reading

Wireguard - Part Three (Troubleshooting)

Posted on Mon 12 June 2017 in Tech • Tagged with Tech, Security, Wireguard, Networking, Linux

This is part of my brief series on Wireguard. I'm pretty enamoured with Wireguard and the way it works, but there were a couple slightly curly bits that I needed to get my head around. This troubleshooting guide is a rough dump of the issues I had, and how I fixed them.

Gotten Stuck?

At this stage, there are actually a few ways that this can go wrong, even though we haven't done much. Think through all the bits:

  • Installed Wireguard at both ends
  • Set up your NAT rule on …

Continue reading

Wireguard - Part Two (VPN routing)

Posted on Sun 11 June 2017 in Tech • Tagged with Tech, Security, Wireguard, Networking, Linux

This is a continuation of my brief series on the new Wireguard VPN. Part One was about the simple building-blocks to get Wireguard working between two endpoints. Now that we've got a couple machines able to ping each other by IP address, we can carry on a bit deeper into the inter-LAN routing stuff.

Extending on from the IP addresses in Part One, instead of JUST connecting to the remote machine, I want to actually have access to everything on the whole 10.20.0.0/16 network; even the …


Continue reading

Wireguard - Part One (Installation)

Posted on Sat 03 June 2017 in Tech • Tagged with Tech, Security, Wireguard, Networking, Linux

Wireguard is the most excellent VPN stack around. It's really fast, the concept of Cryptokey Routing is awesome, and I love the speed and simplicity benefits that come from opionionated cryptography. The protocol is so simple - expressed in a mere 4k lines of code - that it's auditable by anyone.

But.

With my initial naive approach, I found myself using HTTPS, over ports forwarded over SSH tunnels, connected over Wireguard. Although it was straightforward to get Wireguard working between two endpoints, I ended up in nested-crypto hell.

So, this brief series …


Continue reading

Pan-fried Spicy Miso Chicken

Posted on Mon 29 May 2017 in Food • Tagged with Recipes, Food

Jeez I just discovered I've only posted a single recipe on this. Time to change that.

Chicken for dinner tonight. I was feeling a little adventurous, and definitely wanted some miso involved, but also felt like cayenne pepper and shallow-fried chicken strips. Here's the result! This went really well on a base of bulgur wheat, and with a side of stir fried veggies.

Ingredients

  • Two chicken breasts, skinless
  • 2 tsp miso paste
  • 2/3 cup plain flour
  • 2 tsp celery salt
  • 1 1/2 tsp onion powder
  • 2 tsp smoked …

Continue reading

RingZer0team CTF - Linux Sysadmin challenges

Posted on Sun 28 May 2017 in Security • Tagged with Security, Tech, RingZer0Team

There are a bunch of fantastic Capture The Flag security challenges on RingZer0Team.com. I've been working through some of these for a wee while now, and with the New Zealand Cyber Security Challenge coming up again soon, I thought I'd get back into some of them.

The Sysadmin Linux series of challenges is where you're trying to breach the security of a Linux system. I actually finished most of these last year, but I wanted to finish my last two. Of course, to get to the last two stages …


Continue reading

RingZer0team CTF - Challenge 148

Posted on Sat 27 May 2017 in Security • Tagged with Security, Tech, RingZer0Team, Python

There are a bunch of fantastic Capture The Flag security challenges on RingZer0Team.com. I've been working through some of these for a wee while now, and with the New Zealand Cyber Security Challenge coming up again soon, I thought I'd get back into some of them.

Challenge 148 ("Sysadmin Linux Level 2") is one of a series of challenges where you're trying to breach the security of a Linux system. I actually finished most of these last year, but I wanted to finish my last two. Of course, to …


Continue reading

RingZer0team CTF - Challenge 57

Posted on Fri 05 May 2017 in Security • Tagged with Security, Tech, RingZer0Team, Python

This is a continuation of my series on RingZer0Team.com.

Challenge 57 ("Hash Breaker Reloaded", under the Coding Challenges) is one of a series of challenges where you're simply presented with a hash - you need to return the plaintext value to the page within 3 seconds.

In contrast to Challenge 56, this challenge also includes a salt:

You have 3 seconds to break this hash
Send the answer back using https://ringzer0team.com/challenges/57/[clear_text]


----- BEGIN HASH -----
ab9507edbb2501b3c02e47c51af0178d68655980
----- END HASH -----

----- BEGIN SALT -----
c2ac9d8d004b4011d0864e76c7ebaaccfd18464bb8ff66bdbf19a703eb95a944
----- END SALT -----

The hash looks like …


Continue reading

RingZer0team CTF - Challenge 56

Posted on Tue 02 May 2017 in Security • Tagged with Security, Tech, RingZer0Team, Python

There are a bunch of fantastic Capture The Flag security challenges on RingZer0Team.com. I've been working through some of these for a wee while now, and with the New Zealand Cyber Security Challenge coming up again soon, I thought I'd get back into some of them.

Challenge 56 ("Hash Breaker", under the Coding Challenges) is one of a series of challenges where you're simply presented with a hash - you need to return the plaintext value to the page within 3 seconds.

Of course, this is impossible to do manually …


Continue reading

HP Procurve's warn-and-disable

Posted on Sun 30 April 2017 in Tech • Tagged with Tech, Networking

Since mid-2016, I've been working as a Network and Security Administrator. While I'd done a fair amount of networking previously, most of my experience had been with either unmanaged switches, or in a pre-built Cisco environment. Stepping into the world of managed networking was new for me, as was stepping into the world of HP Switches.

We were having recurring issues with a certain business unit looping ports on a switch. We had loop-protect running, but it was only set to disable the port after 5 seconds, and only for …


Continue reading