How we hacked more than 10,000 user accounts at the University of Amsterdam
Last year, Bram ter Borch (a fellow student of the Master System and Network Engineering at the University of Amsterdam) and I did a security review of the Blac...
Author: AukeZwaan
Creating a mobile P2000 receiver using a Raspberry Pi
In the Netherlands, the P2000 network is used by, amongst others, ambulances and fire brigades, to communicate about locations of emergencies. Formally, it is p...
Using a RAT to dump Windows credentials
Some 1,5 years ago, I wrote a really basic article about Pupy (an open source RAT). In an on-site CTF I participated in yesterday, I found it quite useful in a ...
Cracking an RDP password using Crunch and Hydra
Lately, I had to crack an RDP password for a known user in an on-site CTF. In this post, I will explain how I solved this challenge.
SECCON 2016 Online CTF – Vigenere (100 points)
As the title of the challenge suggests, we are dealing with a simple Vigenere Cipher here. In Vigenere, each character of the plaintext is shifted using a key. ...
RC3 CTF 2016: goodtime (150 points)
After connecting, a prompt asking for the flag was displayed. After entering an incorrect flag, it would simply return "Nope\n" and quit. What I noticed after s...
RC3 CTF 2016: My Lil Droid (100 points)
First step, of course, is downloading the files. Turned out it was only an apk file called youtube.apk. APKs are just an archive, and can thus be extracted easi...
RC3 CTF 2016: Who’s a Good Boy? (100 points)
Let's start by having a look at the website at the URL given in the description. Then, I saw that another image was requested through an additional GET request ...
IceCTF 2016: ChainedIn (75 points)
After opening the website that was given with the challenge, I was presented a simple-looking website. Of course, I tried to log in with the credentials provide...
Using Wikipedia’s best kept secret: Simple English
Have you ever found yourself determined to ‘finally figure something out’ about a specific topic, but giving up after reading Wikipedia pages that l...