Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    0xACAB
    @fabacab
    I'm really excited to see how the virtual Mr. Robot's Hacker Happy Hour y'all have planned will go. :) Good luck!
    1 reply
    zach mandeville
    @zachmandeville_gitlab
    Same!
    sam
    @smpsnr
    looking forward to it :)
    1 reply
    techlearningcollective
    @techlearningcollective
    Great Tor workshop earlier tonight! Looking forward to the next one already. :)
    techlearningcollective
    @techlearningcollective
    zach mandeville
    @zachmandeville_gitlab
    Hi! I had a question about setting up a subscribable calendar using radicale, would anyone here have experience with this?
    zach mandeville
    @zachmandeville_gitlab
    Context: I've set up a radicale server with a public address, but requires authentication to log in and create a calendar. I've successfully created a calendar and connected to it with my thunderbird client, but it requires putting in my username and password (which is expected). I wasn't sure the process if I wanted authentication required to write to the calendar, but someone could subscribe to a read-only version with just the url.
    0xACAB
    @fabacab
    Yeah, I've set up Radicale before. By default, Radicale uses a "rights" file (as in, what rights does a given user have) to determine this. Their docs on "Authentication and Rights" describes this in some detail, but it's a bit terse. Is that what you need?
    zach mandeville
    @zachmandeville_gitlab
    I think so, yah! I was reading through that, but wasn't sure if I was understanding the architecture correctly. Specifically, if this was something I should be configuring at the server level, or if it was something I could set on a particular calendar through the client.
    2 replies
    But it seems like I'd create a calendar on the server and note it's collection path, then in the rights file would say something like:
    [read]
    user = .* #all users, including anonymous ones
    collection = 'collection_name'
    permission = r
    does that seem right?
    0xACAB
    @fabacab
    Yeah, it seems right, but test it! :) I'm not 100% confident I can reason about Radicale rights configs just from reading the config.
    zach mandeville
    @zachmandeville_gitlab
    I'ma test it now. Thank you!
    0xACAB
    @fabacab
    Sure!
    techlearningcollective
    @techlearningcollective
    Just chiming in to point out that, while it's not on the calendar at the moment, we do also have a workshop specifically about CalDAV servers. Radicale user rights aren't the specific topic, but the workshop might be of interest to anyone trying to do something like what you're doing. :)
    techlearningcollective
    @techlearningcollective
    Today is another webinar day! :) If you haven't got tickets for Clearing Away the Clouds: How Computer Networks, Servers, and the Internet Work, you still have just under 2 hours to grab 'em.
    Elena Sofia
    @elenita_tweets_twitter

    Hello! I am new here and I was drawn to the mission of tech learning collective.

    I started working at a privacy-focused tech company about 6 months ago (nontechnical, marketing role). I am still getting my "sea legs" and I think this community would be a great place for me to learn. Thanks for all you do. Please let me know what resources you recommend for getting started.

    9 replies
    0xACAB
    @fabacab
    Anyone here practiced with Volatility? I'm playing in this weekend's CTF (thanks for inviting/pseudo-hosting, by the way!) and am not experienced enough with this tool to know what I'm doing wrong. I have a memory dump, but none of the vol.py plugin commands give me meaningful output, as far as I can tell.
    aubrel
    @aubrel
    Hey y'all! I'm getting started on the DAWG CTF 2020. :) I just solved my first puzzle (Free Wi-Fi Part 1)! Would love to hear what other people are working on/can offer if you're playing the same game! https://umbccd.io/
    8 replies
    aubrel
    @aubrel
    Was just able to do the first two crypto ones! :D I'm pretty stoked!
    "On Lockdown" seems like an intro to buffer overflows, which led me to finding this really nice and relevant tutorial: https://dhavalkapil.com/blogs/Buffer-Overflow-Exploit/
    aubrel
    @aubrel
    Haha, there's some doxxing ones that are p fun under "Forensics" ("Impossible Pen Test").
    1 reply
    0xACAB
    @fabacab
    I picked up a few of the low-point Forensics challenges in DawgCTF as well. There's some good beginner stuff in there, and a lot of Wireshark! (The Tech Learning Collective networking workshops are SUPER relevant here!)
    techlearningcollective
    @techlearningcollective
    We've published the first five in a series of over 20 new planned TLC Foundations learning modules yesterday. Enjoy!
    0xACAB
    @fabacab
    It looks like the DawgCTF team raised the amount of points those "Free Wi-Fi" challenges net you because so many people were having trouble with them. Guess they were harder than the creators expected them to be. So that makes me feel a little better for not getting them quickly. :D
    0xACAB
    @fabacab
    Who's playing PlaidCTF tomorrow?
    0xACAB
    @fabacab
    Decent write-up of the various"Free Wi-Fi" challenges from last week's DawgCTF! https://github.com/m3ssap0/CTF-Writeups/blob/master/DawgCTF%202020/Free%20Wi-Fi/README.md I feel silly for not getting the simple client side validation one but good that we were on the right track about all the other clues we found in the pcap.
    0xACAB
    @fabacab
    It also appears that WPICTF, starting in just three hours, will also have some beginner friendly challenges. I think I might check those out.
    techlearningcollective
    @techlearningcollective
    PlaidCTF and WPICTF are happening concurrently, so you can do both or either. :) We have four workshops this weekend (as usual, check our events page or subscribe to our calendar) so will be a little less available than usual to offer help or guidance but still encourage you to enjoy both of the games and have fun!