SNI and ESNI

Prelude I have a DNS resolver setup at home which my home devices use and set it to use DNS over TLS (DoT) to resolve queries so ISPs and such can’t see the domains I’m visiting, but SNI is leaking out the sites I’m visiting and there’s nothing much I can do about it for now. 😣 What is the Purpose of SNI Problem Name-based virtual hosting allows multiple DNS hostnames to be hosted by a single server (usually a web server) on the same IP address....

July 20, 2019 · 3 min · David

CDDC 2019 Qualifiers Writeup

This year’s CDDC Qualifiers was very different from the previous year which was more of an ‘red team’ ctf, this year’s qualifiers is a jeopardy style ctf and it’s pretty focused on OSINT which I’m not really into, but anyways here are the writeups for some of the more interesting challenges I solved. [B-1] Fight the Binary Monster Category: OSINT_Blue Drats, we found an unknown executable that someone uploaded to one of our web servers....

June 4, 2019 · 5 min · David