Posts

Write-up of the Engraver challenge of GoogleCTF 2022. Official description You can see pictures of a robot arm laser engraver attached. Can you figure out what it is engraving? Note: the flag should be entered all in upper case. It contains underscores but does not contain dashes. Good luck! We are given a ZIP file containing engraver.pcapng, robot.jpg and robot_engraving.jpg robot_engraving.jpg showing a 6-axis robot drawing G letter with a laser pointer Exploration USB capture Let’s start by opening engraver....

Write-up of the Weather challenge of GoogleCTF 2022. Official description Our DYI Weather Station is fully secure! No, really! Why are you laughing?! OK, to prove it we’re going to put a flag in the internal ROM, give you the source code, datasheet, and network access to the interface. We are given a ZIP file containing Device Datasheet Snippets.pdf and firmware.c. We are also given a server host and port: weather.2022.ctfcompetition.com:1337. Exploration Datasheet snippets Let’s start by reading the datasheet snippets Device Datasheet Snippets....

Write-up of the Myster Mask side-channel analysis challenge of French Cybersecurity Challenge 2022. Official description You will have to analyze the consumption traces of an early implementation of the AES made by Myster Mask. Will you be able to exploit these traces to make the difference? The part to target corresponds to the inversion step in the calculation of the S-box in the first round of the AES. Only this step is implemented, it is not necessary to know the AES since this challenge is specifically focused on the inversion step....

Write-up of the Secure Green Server fault injection challenge of French Cybersecurity Challenge 2022. Official description The MegaSecure company provides a secure server allowing users to compute operations while controlling its energy consumption. The server allows to execute commands in a secure way. Indeed, it relies on a secure element in order to verify the signature of any command received before executing it. The Python code equivalent to the signature process is: 1 2 def sign(self, m): return pow(int(sha256(m), 16), self.d, self....

Write-up of the X-Factor challenge of French Cybersecurity Challenge 2022. Official description You have been asked by a client to recover top secret data from a competing company. You have tried several approaches to find vulnerabilities on the exposed servers, which unfortunately proved unsuccessful: the company’s servers look solid and well protected. Physical intrusion into the premises seems complex given all the necessary access badges and surveillance cameras. One possibility lies in the remote access that the company’s employees have to their collaborative work portal: access to it is done via two authentication factors, a password as well as a physical token to plug into the USB with biometric fingerprint recognition....

How to recover calendars from a OwnCloud database dump. I had to recover someone’s calendars from an OwnCloud SQL dump. I will detail the steps I went through in this post. Export CalDav calendar from SQL dump To explore a large SQL file, here my_database_dump.sql, it is easier to import it as a new database rather than exploring the text file. Here I am using PostgreSQL but it should also work with MySQL or MariaDB. 1 2 sudo -u postgres createdb owncloud_backup sudo -u postgres psql owncloud_backup < my_database_dump....

This article details how to display Unifi access points metrics on a Grafana Worldmap. I have been working on deploying and setting up a new monitoring stack for Crans network organisation. We switched from Munin and Icinga2 to Prometheus paired with Grafana dashboards. Using Prometheus SNMP1 exporter, this new monitoring stack can collect metrics from all of our Unifi WiFi access point. This article describes a minimal setup that display Unifi metrics onto a Grafana Worldmap panel. What components will be used Unifi Controller: the official controller to provision and monitor Unifi access points, Prometheus: time-series database, Prometheus SNMP exporter: a Prometheus exporter collecting metrics from SNMP, Grafana: a tool to create dashboards to analyse Prometheus metrics....

On the design of BlobbyFish, a Flappy Bird clone in VHDL. Blobbyfish was implemented for a VHDL academic course project in 8 hours. It is based on Flappy Bird but a little bit simplified for the purpose. This is a team project made with Otthorn. It was a great project to start coding in VHDL and explore all main concepts. Please note that this was implemented for the Digilent Basys 2 using Xilinx ISE. All the code is available there under the GPLv3 license: https://github....

Let's analyse and replicate Dell OEM modifications made to Ubuntu on Dell G3 3779. This guide assumes you have a freshly-installed Ubuntu 18.04 installed on your Dell G3. Following the following steps will recreate the configuration that Dell ships on Ubuntu-preinstalled G3 laptops. WARNING: THESE STEPS ARE PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND. If you lose your data, brick your device, any other damage or anything else happens (e.g. your cat eats your dog), it is YOUR PROBLEM and YOUR RESPONSIBILITY. You have to make sure to get a recovery disk before making these changes....

A list of simplified board pinout schematics found online. Pinouts from BQ Boards Arduino UNO, source Arduino Mega, source Arduino Micro, source Arduino Leonardo, source Arduino MiniPro, source Arduino Nano, source BQ Zum, source AtTiny, source Peripherals Document describing multiple setups for peripherals on Arduino (source): Full document (without microcontrollers) LCD screen (Hitachi 44780 compatible), source RS232 connector, source SD Card, source