Another year has past, which means the SANS HolidayHack is in full swing. This year, many new technologies were used, which were a blast to dig into. This writeup dives into each challenge and the methodology used to solve it. A summary of the story this year is below»
Let’s take a look at the moms spaghetti from CSAW Quals 2016. This solution was a collaboration between @thebarbershopper, @jduck, and @WanderingGlitch. For those that want to play along at home, you can build your own server to throw against by the following:»
Let’s take a look at the
pwn3 challenge from WhiteHat 2016.
(This challenge was performed entirely in EpicTreasure. If you don’t want to setup the tools listed in this writeup, simply install EpicTreasure and you are off to the races. Also, mirrored from my Praetorian post)»
It is that time of year again! Time for the HolidayHack presented by CounterHack! This one is going to be fairly long, but boy are there a lot of cool challenges here. Everything from network forensics, web, image forensics, and even a pwnable.»
Symbolic execution has been a topic I have been meaning to jump into for a few months. Today we will look at how to apply symbolic execution to the Carnegie Melon Binary Bomb lab.»
Here is the video of my voice activated robot Bombly dominating Hardcore in the game Keep Talking and Nobody Explodes.»
Sent me a .doc, I will open it if your subject is "HITCON 2015"! Find the flag under my file system. p.s. I've enabled Macro for you. ^_________________^ firstname.lastname@example.org.
Brainpan3 is a typical boot2root VM that we boot and attempt to gain root access. This one is a bit long, but I hope it is entertaining and informative. Strap in!»
We are presented with a stock market game. We have to time the market just right in order to get 10x our initial cash pile. Psh.. easy peasy»
``` – CIPHERTEXT – AEBRVHWWMQHURVWFFIKVYFUCDG To Decrypt this Message, you will need to learn how a US President encrypted messages while in Paris France.»
- thebarbershopper has joined the channel
Upon connecting, we are given a prompt which asks for the following items:»
Below is the main funciton of Sigil:»
Below is the main function for Runic:»