Welcome to my blog
Comfort with a 34 key Keyboard
Comfort with a 34 key Keyboard My current keyboard is the Ferris v0.2. I’ve been using it for about 6 months now and it feels very much like my endgame keyboard. Before I go onto to tell you about why this is my endgame keyboard, I’ll tell you about my past keyboards. Past Keyboards Corsair K70 This was the first keyboard I bought, it’s a full sized keyboard, back then having more keys at my disposal seemed like a good idea....
Understanding rabin2 output
Prelude If you don’t know what rabin2 is/what it does. Rabin2 understands many file formats: Java CLASS, ELF, PE, Mach-O or any format supported by plugins, and it is able to obtain symbol import/exports, library dependencies, strings of data sections, xrefs, entrypoint address, sections, architecture type. [src] The binary info option of rabin2 outputs quite a lot of information, however there’s no explanation to what each of the values mean, they can be quite cryptic especially to those not familiar with reverse engineering....
SNI and ESNI
Prelude I have a DNS resolver setup at home which my home devices use and set it to use DNS over TLS (DoT) to resolve queries so ISPs and such can’t see the domains I’m visiting, but SNI is leaking out the sites I’m visiting and there’s nothing much I can do about it for now. 😣 What is the Purpose of SNI Problem Name-based virtual hosting allows multiple DNS hostnames to be hosted by a single server (usually a web server) on the same IP address....
CDDC 2019 LSCVM Writeup
This is actually a challenge from the qualifiers, but because this challenge will be used in the Finals again so we weren’t allowed to post about it until after the finals. More on that later, here’s the writeup. LSCVM: Immaculate Invasion DESCRIPTION During our recon on the notorious fools of LightSpeedCorp, we have discovered this service which runs on a really simple, tiny, trivial, virtual machine that they have created....
CDDC 2019 Qualifiers Writeup
This year’s CDDC Qualifiers was very different from the previous year which was more of an ‘red team’ ctf, this year’s qualifiers is a jeopardy style ctf and it’s pretty focused on OSINT which I’m not really into, but anyways here are the writeups for some of the more interesting challenges I solved. [B-1] Fight the Binary Monster Category: OSINT_Blue Drats, we found an unknown executable that someone uploaded to one of our web servers....
System32 Magic
So I was using 32-bit python on windows and trying to read a binary in System32. with open(r'C:\Windows\System32\FileHistory.exe', 'rb') as f: content = f.read() Then I was thrown the following error. This makes no sense, I know the file exists in System32. After some hair tearing and swearing, I figured it out. This error occurs because 32-bit applications are redirected to SysWOW64 when they try to access System32 and there is no FileHistory....
Where are the Strings in Windows Binaries
Prelude The Windows Binaries I’m talking about here are the ones that comes default with Windows provided by Microsoft. Searching for Strings in the binary I was analyzing a Windows binary C:\Windows\System32\where.exe when I realized the help text of the binary cannot be found anywhere in the binary. After some futher investigation using Process Monitor from Windows Sysinternals I found out that it is reading from C:\Windows\System32\en-US\where.exe.mui during it’s execution....
Preventing Email Spoofing
Preventing email spoofing is important to all domain owners, even if you are not using your domain for email services as it affects the reputation of your domain. In this post I will talk about how to prevent email spoofing with SPF, DKIM and DMARC. Sender Policy Framework (SPF) SPF allows the receiver to check that an email claiming to come from a specific domain comes from an IP address authorized by that domain’s administrators....
Firefly III Setup with Docker and HTTPS
In this tutorial we will setup Firefly III using docker and setup a reverse proxy to enable https, as Firefly III itself does not support https. For the purpose of this tutorial we will be using firefly.example.com as the domain. Note: This tutorial assumes you have already setup a mysql/postgres database. Docker If you have not yet installed docker refere to docker install documentation to install it first....
Certbot - Cloudflare DNS Plugin
In this tutorial we will get a wildcard certificate from letsencrypt using the cloudflare dns plugin. For the purpose of this tutorial we will be using example.com as the domain. Install Cloudflare DNS Plugin This tutorial assumes you have already installed certbot. If you have not, you can follow the instructions from certbot-eff. sudo apt update sudo apt install python3-certbot-dns-cloudflare -y API Credentials mkdir -p /root/secrets/certbot Retrieve your api key from cloudflare....