pieter

Hack.lu 2015: Creative Cheating

Write-up of Hack.lu 2015’s Creative Cheating challenge.

The first challenge I solved on Hack.lu 2015, hosted by FluxFingers, was Creative Cheating.

The challenge

Mr. Miller suspects that some of his students are cheating in an automated computer test. He captured some traffic between crypto nerds Alice and Bob. It looks mostly like garbage but maybe you can figure something out. He knows that Alice’s RSA key is (n, e) = (0x53a121a11e36d7a84dde3f5d73cf, 0x10001) (192.168.0.13) and Bob’s is (n, e) = (0x99122e61dc7bede74711185598c7, 0x10001) (192.168.0.37)

The solution

Upon inspection of the packet capture, we notice every packet from Alice (192.168.0.13) to Bob (192.168.0.37) contains a base64-encoded payload. E.g.

U0VRID0gNDsgREFUQSA9IDB4MmMyOTE1MGYxZTMxMWVmMDliYzlmMDY3MzVhY0w7IFNJRyA9IDB4MTY2NWZiMmRhNzYxYzRkZTg5ZjI3YWM4MGNiTDs=

Continue reading

V – For Victor

Victor

In celebration of the birth of my godson Victor in July 2014, I composed a small piece for piano. Click the image above to download the sheet music, and listen to a somewhat messy recording below.

How to set up a Wifi captive portal

Goals

The objective of this Wifi captive portal is to mimic the behaviour of a legitimate access point protected by a portal login page for demonstrational purposes. That includes the following:

  • Broadcast a rogue access point
  • Mimic captive portal behaviour:
    • User gets to see a login page when trying to connect;
    • After logging in, the user can continue to access the network and surf freely.

Continue reading

Grab password with XSS

Automatic completion of passwords in web forms allows attackers to grab your password if an XSS vulnerability exists.

We don’t usually associate XSS vulnerabilities with compromised passwords, but it is sometimes possible to steal login credentials through XSS vulnerabilities on a website. Take a look at the example attack below.

Continue reading

HTTP Auth Phishing

HTTP Auth offers attackers easy phishing. This post describes how it is done and how the attacker could circumvent the constant reappearing of the authentication prompt.

Intro

An attacker could force an HTTP authentication pop-up window in the victim’s browser and log the input to a file on his own server. This post is the write-up of an idea I had a while ago. While investigating, I found out the idea had been coined before. Find some related posts below my findings.

This attack doesn’t require much work from the attacker. Let’s have a look at some of the configuration he needs.

Continue reading

Ik Weet Het Niet

Omdat ik wel eens kan lachen met het lied “Mystery” van Hugh Laurie, besloot ik een eigen Nederlandstalige versie te maken. Dat klinkt als volgt.

Ik Weet Het Niet

Ik weet het niet
Heel mijn leven al weet ik het niet
Waarom het nooit gelukt is, mijn cherie
Jij en ik, mijn schat, ik weet het niet

Zuid-Fiji
Jij had een bootverhuur in Zuid-Fiji
En tot daar zwemmen, dat kon ik niet
‘t Is dus niet dat ik niet echt inzie
Dat dat ons parten speelde, mijn cherie

Sinds mijn operatie
Heb ik last van een etterige substantie
Ik heb er zelf geen last van mits tijdige interventie
Maar ik snap dat het te veel zou zijn voor jouw tolerantie
Tolerantie

Mogelijk moest je mij helemaal niet
Als je me ooit zou hebben ontmoet, cherie
Zou je me gehaat hebben met een vurige passie
En dat is niet het laatste probleem dat ik hier zie

Dood sinds 2003
Jij bent dood sinds… wacht secondje da’k eens zie
Elf jaar over een maand of drie
In rook opgegaan bij je crematie

Dus waarom houd ik nog van jou?
Waarom ben ik verzot op jou?
Waarom schreef ik dit lied voor jou?
Ik weet het niet.

Ubuntu Playing No Sound and Speeded Video

Having trouble with audio and video playing too speedy in Ubuntu after an upgrade? Here’s a very easy solution I finally found after much of needless deleting, reinstalling and replacing software packages.

If your problem is the same as mine, meaning Youtube plays movies too fast and no sound can be heard, the problem are settings of pulseaudio. The solution is simple.

rm -r ~/.pulseaudio

Enjoy!

“Sanomme”

It’s been a while since I wrote this music. It was 2008 when I first composed the piece for trombone and piano, while I later arranged it for trombone and full harmony band.
I decided I wanted to put the music on this little blog for the world to see, use and share. So here it is.

“Sanomme” for trombone and piano
– “Sanomme” for trombone and harmony band (coming up)

Hereby I publish this music under the CC license (which means you are free to download and perform it). All I ask is for a little heads up if anybody ever performs it.

If you’re looking for a recording of the music, look no further (piano version only).