BkPctf - Kendall

I was going to write how to solve Kendall, a "pwn" challenge, but the author posted a nice write up I probably spent a good hour and a half looking at the binary trying to see if something is exploitable (good job!) before I managed to figure out…

BkPctf - Wood Island and Orient Heights

This weekend was the Boston Key Party Ctf. There were a bunch of challenge, and my team did pretty well (top 10) even though we didn't have a lot of our regulars. Two of the problems involved signing a string "There is no need to be upset" using…

LED Tie Bar - Software

The software isn't my best work. I did try to make the effects and color generation abstract, which is why I ended up using a Teensy vs an Trinket Pro or similar. I just needed more processing power. The software that was loaded when I gave them out as gifts…

LED Tie Bar - Hardware

Parts list For each: Generic Metal Tie Bar - http://amzn.com/B00E5YW8L6 Teensy 3.1 - https://www.adafruit.com/products/1625 NeoPixel Stick w/8 Pixels - https://www.adafruit.com/products/1426 Micro Lipo Charger - https://www.adafruit.com/products/1304 500mAh LiPo Battery - https:…

LED Tie Bar - Overview

For my groomsmen gift for my wedding, I decided to do an LED tie bar. I think it turned out pretty well. Hopefully they will all like them (and they don't see this before they get them!) The bar is a metal tie bar with a 8 NeoPixel (WS2812B) LEDs…

DEF CON 2014 Finals – wdub v2

Once again I’m gonna talk about the 2nd version of a service from DEF CON 22’s CTF finals. This time it’s wdub; a simple HTTP server. Version 1 had an integer overflow which lead to a stack overflow. (edit: DEF CON CTF Challenges available @ http://shell-storm.org/…

DEF CON 2014 Finals - imap v2

This year, like last LegitBS released updated services part way through the competition with the old vulnerabilities fixed and new ones. The first imap service (implements the IMAP protocol) had a bug in the SELECT command that would overflow the mailbox name, allowing one to change the username to “.” which…

Ironman Lake Placid

This post has nothing to do with CTF, Technology or hacking… but I need a place to write this down that isn’t owned by some random company.. so this is it. This past weekend was spent in Lake Placid, NY… for me to do Ironman Lake Placid on Sunday…