• Tiny 3D Engine on the ATmega328 (Arduino UNO)

    This project was more like a proof of concept than actually making a fully functional 3D engine on the ATmega328, I was curious to see if the AVR could handle something like this and display lowpoly 3D models. After meeting and talking with Xark (https://github.com/XarkLabs) on IRC, I discovered his fork of the Adafruit GFX library and was surprised with how..[read more]
  • Huawei Modem API and Data Plan Monitor

    Story time For the past five years I have been waiting for Greek telecoms to put a proper landline at my place in order to enjoy the internet like I used to in my previous homes. To be honest, I had this for granted before moving here just because of the fact that I am living 15 minutes from the capital,..[read more]
  • DEF CON 2015 Quals - access control (1pt) writeup

    The challenge description was: It's all about who you know and what you want. access_control_server_f380fcad6e9b2cdb3c73c651824222dc.quals.shallweplayaga.me:17069 A binary called client_197010ce28dffd35bf00ffc56e3aeb9f was provided. Let's connect to the server and see what it's really about (since the server is offline now I'm going to try and replicate what was happening): mrt:~/ctf/defcon/reverse/nc access_control_server_f380fcad6e9b2cdb3c73c651824222dc.quals.shallweplayaga.me 17069 connection ID: &7"R%{7+e*QZAu *** Welcome to the ACME data retrieval service *** what version is your..[read more]
  • DEF CON 2015 Quals - mathwhiz (1pt) writeup

    The challenge description was: mathwhiz_c951d46fed68687ad93a84e702800b7a.quals.shallweplayaga.me:21249 This was a programming challenge, when connecting the server would ask us to solve some basic mathematic operations such as: 1 + 2 If you know how to parse data it is pretty straight forward, after a couple attempt to see where the script would fail (such as when the server would ask to solve ONE +..[read more]
  • DEF CON 2015 Quals - babycmd (1pt) writeup

    The challenge description was: babycmd_3ad28b10e8ab283d7df81795075f600b.quals.shallweplayaga.me:15491 A binary called babycmd_3ad28b10e8ab283d7df81795075f600b was also provided. Let's quickly check what happens when we connect to it: mrt:~/ctf/defcon/baby/babycmd$ nc babycmd_3ad28b10e8ab283d7df81795075f600b.quals.shallweplayaga.me 15491 Welcome to another Baby's First Challenge! Commands: ping, dig, host, exit We need to find a way to run other commands and get the flag but a couple characters we could use to pipe or chain other commands are actually..[read more]
  • VolgaCTF 2015 Quals - Captcha (150pts) writeup

    The challenge description was: We've got a rather strange png file. Very strange png. Something isn't right about it... (a PNG file with what seemed to be the letter 'i' was provided) Let's have a quick look at this file: mrt:~/ctf/volga/stego/captcha$ xxd capthca.png | less 0000000: 8950 4e47 0d0a 1a0a 0000 000d 4948 4452 .PNG........IHDR 0000010: 0000 0100 0000 0100 0802 0000 00d3..[read more]
  • VolgaCTF 2015 Quals - Bash (125pts) writeup

    The challenge description was: Just another super-puper secure shell. nc bash.2015.volgactf.ru 7777 A binary called tiny_bash was also provided. Let's quickly check what happens when we connect to it: mrt:~/ctf/volga/pwn/bash$ nc bash.2015.volgactf.ru 7777 Welcome to our small secure shell.You are disallowed to execute several types ofcommands.Are you able to bypass these restrictions? >> help >> ls This command is prohibited. >> exit >> ^C Appears like a small shell with..[read more]
  • VolgaCTF 2015 Quals - Database (75pts) writeup

    The challenge description was: Hack the database! nc database.2015.volgactf.ru 7777 A binary was also provided so let's have a look at it: mrt:~/ctf/volga/pwn/database$ file database database: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.24, BuildID[sha1]=d9a1acedc81f211feef5289d2cb05effd06d4a34, not stripped So we have a x64 ELF binary, let's have a quick look at what is exactly going on when we connect to..[read more]