by

Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    techlearningcollective
    @techlearningcollective
    Just chiming in to point out that, while it's not on the calendar at the moment, we do also have a workshop specifically about CalDAV servers. Radicale user rights aren't the specific topic, but the workshop might be of interest to anyone trying to do something like what you're doing. :)
    techlearningcollective
    @techlearningcollective
    Today is another webinar day! :) If you haven't got tickets for Clearing Away the Clouds: How Computer Networks, Servers, and the Internet Work, you still have just under 2 hours to grab 'em.
    Elena Sofia
    @elenita_tweets_twitter

    Hello! I am new here and I was drawn to the mission of tech learning collective.

    I started working at a privacy-focused tech company about 6 months ago (nontechnical, marketing role). I am still getting my "sea legs" and I think this community would be a great place for me to learn. Thanks for all you do. Please let me know what resources you recommend for getting started.

    9 replies
    0xACAB
    @meitar
    Anyone here practiced with Volatility? I'm playing in this weekend's CTF (thanks for inviting/pseudo-hosting, by the way!) and am not experienced enough with this tool to know what I'm doing wrong. I have a memory dump, but none of the vol.py plugin commands give me meaningful output, as far as I can tell.
    aubrel
    @aubrel
    Hey y'all! I'm getting started on the DAWG CTF 2020. :) I just solved my first puzzle (Free Wi-Fi Part 1)! Would love to hear what other people are working on/can offer if you're playing the same game! https://umbccd.io/
    8 replies
    aubrel
    @aubrel
    Was just able to do the first two crypto ones! :D I'm pretty stoked!
    "On Lockdown" seems like an intro to buffer overflows, which led me to finding this really nice and relevant tutorial: https://dhavalkapil.com/blogs/Buffer-Overflow-Exploit/
    aubrel
    @aubrel
    Haha, there's some doxxing ones that are p fun under "Forensics" ("Impossible Pen Test").
    1 reply
    0xACAB
    @meitar
    I picked up a few of the low-point Forensics challenges in DawgCTF as well. There's some good beginner stuff in there, and a lot of Wireshark! (The Tech Learning Collective networking workshops are SUPER relevant here!)
    techlearningcollective
    @techlearningcollective
    We've published the first five in a series of over 20 new planned TLC Foundations learning modules yesterday. Enjoy!
    0xACAB
    @meitar
    It looks like the DawgCTF team raised the amount of points those "Free Wi-Fi" challenges net you because so many people were having trouble with them. Guess they were harder than the creators expected them to be. So that makes me feel a little better for not getting them quickly. :D
    0xACAB
    @meitar
    Who's playing PlaidCTF tomorrow?
    0xACAB
    @meitar
    Decent write-up of the various"Free Wi-Fi" challenges from last week's DawgCTF! https://github.com/m3ssap0/CTF-Writeups/blob/master/DawgCTF%202020/Free%20Wi-Fi/README.md I feel silly for not getting the simple client side validation one but good that we were on the right track about all the other clues we found in the pcap.
    0xACAB
    @meitar
    It also appears that WPICTF, starting in just three hours, will also have some beginner friendly challenges. I think I might check those out.
    techlearningcollective
    @techlearningcollective
    PlaidCTF and WPICTF are happening concurrently, so you can do both or either. :) We have four workshops this weekend (as usual, check our events page or subscribe to our calendar) so will be a little less available than usual to offer help or guidance but still encourage you to enjoy both of the games and have fun!
    0xACAB
    @meitar
    For anyone playing WPICTF, scroll down to the bottom of the challenge list and check out the "recon" category. I don't see those kinds of challenges in CTFs a lot and I really like them!
    0xACAB
    @meitar
    @zachmandeville_gitlab So you asked about RiceTeaCatPanda's "beginner 9" challenege. The input they gave us was base64 decoded, which is clear from the trailing = sign at the end. Here's the last bit of input from the Beginner 10.txt file (Gitter won't let me post the whole thing) that they provided for the challenge:
    MmQgMmQgMmQgMmQgMmQgMjAgMmQgMmQgMmQgMmQgMmQgMjAgMmUgMmQgMmQgMmQgMmQgMjAgMmUgMmQgMmQgMmQgMmQgMjAggMmQgMmQgMmQgMmQgMjAgMmUgMmQgMmQgMmQgMmQgMjAgMmQgMmQgMmQgMmQgMmQgMjAgMmQgMmQgMmQgMmQgMmQgMjAgMmUgMmQgMmQgMmQgMmQ=
    So we base64 --decode and get a bunch of values like this:
    2d 2d 2d 2d 2d 20 2d 2d 2d 2d 2d 20 2e 2d 2d 2d 2d 20 2e 2d 2d 2d 2d 20 2d 2d 2d 2d 2d 20 2d 2d 2d 2d 2d 20 2e 2d 2d 2d 2d 20 2d 2d 2d 2d 2d 0a 2d 2d 2d 2d 2d 20 2d 2d 2d 2d 2d 20 2e 2d 2d 2d 2d 20 2e 2d 2d 2d 2d 20 2d 2d 2d 2d 2d 20 2e 2d 2d 2d 2d 20 2e 2d 2d 2d 2d 20 2d 2d 2d 2d 2d 0a 2d 2d 2d 2d 2d 20 2d 2d 2d 2d 2d 20 2e 2d 2d 2d 2d 20 2d 2d 2d 2d 2d 20 2d 2d 2d 2d 2d 20 2d 2d 2d 2d 2d 20 2d 2d 2d 2d 2d 20 2d 2d 2d 2d 2d 0a
    The clear pattern is that these are all hex values, and that there are only a few different sets of them: 2d, 2e, and 20. We can use CyberChef to make this easier than I did it, but I went with a command-line approach. In hex, 20 maps to the ASCII space character. So this means that having actual spaces in the input here isn't what we want, so first I got rid of the spaces by replacing them all with a percent sign:
    base64 --decode "Beginner 10.txt" | sed -e 's/^/%/' -e 's/ /%/g'
    0xACAB
    @meitar
    The -e to sed means "execute this script" and then I provide two scripts: the first one simply prepends the % to the very first location in the input and the next one replaces all the literal space characters with a percent sign. This gives me a URL-encoded string where the spaces are part of the encoded value, so now I have input like this:
    %2d%2d%2d%2d%2d%20%2d%2d%2d%2d%2d%20%2e%2d%2d%2d%2d%20%2e%2d%2d%2d%2d%20%2d%2d%2d%2d%2d%20%2d%2d%2d%2d%2d%20%2e%2d%2d%2d%2d%20%2d%2d%2d%2d%2d%0a%2d%2d%2d%2d%2d%20%2d%2d%2d%2d%2d%20%2e%2d%2d
    Okay, from here, it's super easy to URL-decode it. I do this so often that I have an alias for it, but you can do it in one line of Python thanks to a module available in the Python standard library called urllib:
    alias urldecode='python -c "import sys, urllib.parse; print(urllib.parse.unquote(sys.argv[1]))"'
    So now I can do urldecode $(base64 --decode "Beginner 10.txt" | sed -e 's/^/%/' -e 's/ /%/g') and the result is a bunch of morse code, apparently:
    urldecode $(base64 --decode ~/Downloads/Beginner\ 10.txt | sed -e 's/^/%/' -e 's/ /%/g')
    ----- ----- .---- .---- ----- ----- .---- -----
    ----- ----- .---- .---- ----- .---- .---- -----
    ----- ----- .---- ----- ----- ----- ----- -----
    ----- ----- .---- .---- ----- .---- ----- .----
    ----- ----- .---- ----- ----- ----- ----- -----
    ----- ----- .---- .---- ----- ----- .---- -----
    ----- ----- .---- .---- ----- .---- .---- -----
    ----- ----- .---- ----- ----- ----- ----- -----
    ----- ----- .---- .---- .---- ----- ----- .----
    ----- ----- .---- ----- ----- ----- ----- -----
    ----- ----- .---- .---- ----- ----- .---- -----
    ----- ----- .---- .---- ----- .---- ----- .----
    ----- ----- .---- ----- ----- ----- ----- -----
    ----- ----- .---- .---- ----- ----- .---- -----
    ----- ----- .---- .---- ----- ----- .---- -----
    ----- ----- .---- ----- ----- ----- ----- -----
    ----- ----- .---- .---- ----- ----- .---- -----
    ----- ----- .---- .---- ----- .---- .---- -----
    ----- ----- .---- ----- ----- ----- ----- -----
    ----- ----- .---- .---- ----- ----- .---- -----
    ----- ----- .---- .---- ----- .---- ----- .----
    ----- ----- .---- ----- ----- ----- ----- -----
    ----- ----- .---- .---- ----- ----- .---- -----
    ----- ----- .---- .---- ----- .---- .---- -----
    ----- ----- .---- ----- ----- ----- ----- -----
    ----- ----- .---- .---- .---- ----- ----- .----
    So you can clearly see that these are sets of 8. Well, 8 bits in a byte, so it would be reasonable to assume that these are morse-code versions of 0's and 1's and wouldn't you know it, they are. In Morse code, ----- is the numeral 0 and a .---- is the numeral 1.
    0xACAB
    @meitar

    Okay so now we just need to actually convert this to 0's and 1's so we can use it the way computers would expect, since computers don't really use Morse code, sooooooo sed to the rescue again, with three simple substitution scripts.

    First, replace the Morse code 0 with the numeral 0 gobally:

    -e 's/-----/0/g'

    Then do the same thing with a Morse code 1:

    -e 's/.----/1/g'

    and then get rid of the spaces so that we have a single "byte" per line:

    -e 's/ //g'

    So the full command is now:

    urldecode $(base64 --decode ~/Downloads/Beginner\ 10.txt | sed -e 's/^/%/' -e 's/ /%/g') | sed -e 's/-----/0/g' -e 's/.----/1/g' -e 's/ //g'
    Which gives us:
    urldecode $(base64 --decode ~/Downloads/Beginner\ 10.txt | sed -e 's/^/%/' -e 's/ /%/g') | sed -e 's/-----/0/g' -e 's/.----/1/g' -e 's/ //g'
    00110010
    00110110
    00100000
    00110101
    00100000
    00110010
    00110110
    00100000
    00111001
    00100000
    00110010
    00110101
    00100000
    00110010
    00110010
    00100000
    00110010
    00110110
    00100000
    00110010
    00110101
    00100000
    00110010
    00110110
    00100000
    00111001
    zach mandeville
    @zachmandeville_gitlab
    beautiful
    0xACAB
    @meitar
    Yeah except I don't know what these values are.
    zach mandeville
    @zachmandeville_gitlab
    If we put it in cyberchef, they all map to numbers:
    26 5 26 9 25 22 26 25 26 9

    and the repeated 26 (and that no number is higher) makes me sense it's an alphanumeric cipher.

    If we say a is 1 and z is 26, then the decoded is zeziyvzyzi

    if we say a is 26 and z is 1, then the decoded is avarbeabar which seems like not complete gibberish.

    "a var be a bar"
    0xACAB
    @meitar
    Right, this is the CyberChef recipe, using the "From Binary" operation. (Just throwing this here so we can share and bookmark.)
    I'm not convinced that's right and I don't think either rtcp{zeziyvzyzi} or rtcp{avarbeabar} work as flags.
    zach mandeville
    @zachmandeville_gitlab
    Yah, it's not completely gibberish and it's not meaningful either. So far, the flags have all been some full english response to the challenge title.
    and they've all been rctp{a_phrase_spaced_like_so}
    0xACAB
    @meitar
    I also don't know what the "From Binary" operation in CyberChef really does. If I run the first bit string we get into bc(1) I get this for various output bases:
    echo "obase=16; ibase=2; 00110010" | bc
    32
    echo "obase=10; ibase=2; 00110010" | bc
    50
    echo "obase=08; ibase=2; 00110010" | bc
    62
    Oh wait I just realized what the From Binary operation does, lol. It turns it into ASCII. Because in ASCII, hex 32 is the ASCII 2, and so is decimal 50, and so is octal 62.
    zach mandeville
    @zachmandeville_gitlab
    ah!
    haha, but I still don't know what it means :/
    0xACAB
    @meitar
    Yeeeeeah…me neither.
    I think your guess of it being an alphabet makes sense. 26 being the highest number is probably not a coincidence.

    Also this:

    for i in $(urldecode $(base64 --decode ~/Downloads/Beginner\ 10.txt | sed -e 's/^/%/' -e 's/ /%/g') | sed -e '-----/0/g' -e 's/.----/1/g' -e 's/ //g'); do printf "\x"$(echo "obase=16; ibase=2; $i" | bc) ; done
    26 5 26 9 25 22 26 25 26 9

    is the exact same output as from CyberChef, which proves that is in fact what it's doing. Unfortunately I don't know what these strings of numbers mean.

    zach mandeville
    @zachmandeville_gitlab

    hmmm. the hint is 'hope you been paying attention', which ties to how many different decodings we've done so far, each being the answer to a previous q.

    The other ciphers to try would be AZ126, Atbash, Bacon, and rot13/caesar

    0xACAB
    @meitar
    I tried a number of those in CyberChef already but couldn't make heads or tails of the output, though maybe I got the ordering wrong.
    zach mandeville
    @zachmandeville_gitlab
    yah...and we've done the a1z26 and atbash already, and it doesn't look like a bacon cipher (that'd be a collection of 5 character strings like AAABB ABABA)
    so really we'd just do rot13...but that doesn't give anything meaningful. I don't know, the distribution in that cipher seems weird. there's only 5 unique numbers/letters
    0xACAB
    @meitar
    It does seem a little short, but I'm fairly confident we aren't losing any data in the translation process.
    0xACAB
    @meitar
    So here is the entire CyberChef recipe for the challenge so far, and I think it's correct.
    0xACAB
    @meitar
    Welp, I'm gonna come back to this a bit later. That link should be sufficient for anyone else who wants to jump in and try to solve it with us.
    aubrel
    @aubrel

    The people behind Covid Watch (https://www.covid-watch.org/about) are looking for help on Java development and/or help with containerizing their backend server:

    https://github.com/Co-Epi/coepi-backend-aws

    There's probably a lot more to do on that project, too, it seems cool!

    "Reduce the spread of COVID-19 without increasing the spread of surveillance.

    Covid Watch aims to empower people to protect their communities from COVID-19 without sacrificing their personal privacy."

    1 reply
    techlearningcollective
    @techlearningcollective
    We've opened our Hacker Trivia Night game weekend up for anyone who wants to play. Enjoy, especially if this is your first time. :)