Posted: 2019-06-04 19:13:20 (ohai)This past weekend I participated in the CTF at CacklackyCon put on by EverSecCTF. Our Team
noob_noobt... Whole Post
Posted: 2018-02-26 02:24:35 (ohai)
Find the hidden flag.
You do not need to bruteforce. Don't do it.
ssh email@example.com -p 2222
SSH'ing to the box we are presen... Whole Post
Posted: 2018-02-26 01:41:11 (ohai)"A man with a watch knows what time it is. A man with two watches is never sure." - Segal's Law
The third piggy (from Brick House) isn't too happy. Maybe you can... Whole Post
Posted: 2017-07-26 01:57:36 (ohai)This was a neat challenge put on by the Augusta BSides folks as I guess some what of a teaser before the actual event.... Whole Post
Posted: 2016-11-07 03:15:09 (ohai)This was a pretty painful web challenge from Hack The Vote. There was a kind of comedy of errors basically leading to the flag.
Upon loading u... Whole Post
Posted: 2016-09-05 17:26:16 (ohai)Tokyo Westerns 2016 was this past weekend and one of the challenges (Judgement) had you connect to a remote listener and send it somethin... Whole Post
Posted: 2016-08-28 10:39:38 (ohai)
While I'm still kinda halfway in CTF mode I thought I'd knock out one more this weekend. This was the only reversing challenge that was up on BioTerra. Although I did waste a lot of time on this o... Whole Post
Posted: 2016-08-20 17:15:47 (ohai)
It's been a while. Kinda let this thing go but it's come back out of a need to get flask working with uwsgi with nginx (sorry, tornado, you're dead to me). Anywho, the bulk of the site has been rec... Whole Post
Posted: 2015-05-24 16:57:28 (ohai)
edit: 2017oh lawd this is awful, i promise to clean this garbage up... one of these days..
Today I took a look at what appears to be a fairly popular CAPTCHA plug... Whole Post
Posted: 2015-05-24 16:40:48 (ohai)
In this video we brute force (lol, no, dictionary attack!) a web form (from Damn Vulnerable Web App) to get the admin password using Burp Intruder. EDIT: I'll see about writing up a quick pytho... Whole Post
Posted: 2015-05-23 16:47:04 (ohai)
In this video we exploit client side input validation to steal another user's cookie. This is a fairly standard and straightforward action. The first time I saw this in action was during a SANS cou... Whole Post