Remember when writing profiles about yourself was a cool thing to do? I did one a decade ago for graduating class in school and answered the field "What are you going to do next?" with "Web design or IT security I guess", but didn't expect both wishes to be granted...
In other words, I'm a Cyber Security Consultant now. This may or may not mean more #infosec content on here. Stay tuned!
Time for #introductions.
I'm a software engineer who went from backend to frontend development. I enjoy #lisp most, but have dabbled in too many to list. I speak 🇩🇪 🇬🇧 🇷🇺. Things fascinating me:
Manual carving is fun. I just extracted one tileset from Deltarune and am messing around a bit with #radare2 to figure out the ideal workflow to dump the rest.
So, someone on the #emacs channel asked about an encrypted P2P chat. I searched around a bit, then remembered how easy it is to chat with friends using netcat:
while true; do nc -lvp 12345; done # server
nc cool.host.tld 12345 # client
I've then invited the chat to give me a shout. For the longest time nothing happened. Then some comments on how weird this is. Someone piping a binary into the chat. Someone else the output of `yes`. Finally, a copy-paste fail from an ERC user. I stopped at that point, but like the idea.
The best part of this is that it's stupidly simple. Want encryption? Use `openssl s_client`. Want logging? Pipe into `tee -a $(date +%F)`. File transfers? Just cat the file into your client. If you enjoy this, chances are you'll like to play Pixelflut at your closest hackerspace or conference.
Not sure if humorous naming or stealthy cry for help:
- Poor Obfuscation Implementation File System
- Dreadful Drawing Format
- Horrible Word Processor Format
I knew that just salad for dinner wasn't going to cut it, so I visited the next supermarket in search of chicken nuggets to satisfy my cravings. Surprisingly enough there were no decent looking ones except... rice nuggets. It sounded too intriguing to ignore (it helps that I've tasted a "beyond meat" patty a few days earlier), so I made some today, expecting the worst.
Turns out that they taste better than the real thing. Granted, chicken nuggets don't taste much like chicken in the first place and their texture is wonky to say the least, but still, I didn't expect to prefer the vegetarian kind. It's a shame they aren't vegan thanks to some dairy products, but honestly, I don't see why they couldn't be.
CSAW Qualifications 2019 was a mixed bag of a #CTF. I assumed it to be university level, but it was way harder than that. I thought using ctfd as your platform made all the troubles go away, but it didn't. I expected my team mates to show up, but they didn't.
Nevertheless it was an educational experience. I have a better understanding of CSP and XXE now and finished at #204/1201. Publishing the exercises is a nice bonus and helps figuring out where exactly things went wrong.
If you ever find yourself annoyed that pwntools installs lots of useless binaries along with the `pwn` command (they're available as subcommands anyway, one conflicts with `checksec` and their zsh completion is broken), there's a magic --only-use-pwn-command flag. I shit you not.
Crypto challenges in CTFs are demoralizing. I can recognize patterns I've encountered in Cryptopals, but anything actually requiring you to do math I struggle with terribly. Maybe that's why people keep telling me I shouldn't pursue that particular direction in #infosec
Wildcard Consultant | Evil Emacser | Lisp Hacker | Infosec & Cryptography
Welcome to your niu world ! We are a cute and loving international community Ｏ(≧▽≦)Ｏ !