Profile cover photo
Profile photo
Gynvael Coldwind
1,277 followers -
Security Researcher
Security Researcher

1,277 followers
About
Posts

Post has attachment
CONFidence CTF 2017 - results and solutions
CONFidence CTF 2017 winners ( source ) The competition on this year's CONFidence CTF 2017  was fierce, with a reshuffle in the top places happening quite often during the final hours. But there can be only one winner and in the end team  baloom  emerged vic...
Add a comment...

Post has attachment
0CTF 2017 - UploadCenter (PWN 523)
Welcome to another Menu Chall right~ Here you can use any function as you wish No more words , Let't begin 1 :) Fill your information 2 :) Upload and parse File 3 :) Show File info 4 :) Delete File 5 :) Commit task 6 :) Monitor File UploadCenter was a small...
Add a comment...

Post has attachment
0CTF 2017 - complicated xss (web 177)
Complicated xss was a client-side web security task revolving around, well, XSSes. At the very start you were handed a way to XSS the admin (limited by proof of work) and the location of the flag - http://admin.goverment.vip:8000. And well, all you knew. I ...
Add a comment...

Post has attachment
0CTF 2017 - EasiestPrintf (PWN 150)
The task, as the name implies, was a rather basic (at first glance - there was a plot twist) format string bug in a short 32-bit Debian application. The initial description of the task was: --- Warm UP! A traditional Format String Attack. 202.120.7.210 1232...
Add a comment...

Post has attachment
0CTF 2017 - char (shellcoding 132)
The code in the "char" task was rather simple - you get to send in 2400 bytes of input (using scanf 's "%2400s", so no whitechars allowed), then the input gets checked whether there are any non-ASCII characters (also excluding all control characters like ne...
Add a comment...

Post has attachment
EKOPARTY CTF 2016 - Malware sample (RE 400)
In short, the reversing category 400 pts challenge was a journey starting with negligible x86-64 boilerplate code, leading through a somewhat obfuscated AutoIt script, and back to a small x86-64 shellcode with a small surprise. It wasn't hard in the end, bu...
Add a comment...

Post has attachment
EKOPARTY CTF 2016 - FBI 100
The FBI category is something new that I personally have not seen on a CTF (though in all honesty I did have a rather long break). An FBI task usually is about a service (or server) with a known address in one of the darknet areas of Internet (think: TOR or...
EKOPARTY CTF 2016 - FBI 100
EKOPARTY CTF 2016 - FBI 100
blog.dragonsector.pl
Add a comment...

Post has attachment
CONFidence CTF 2016 task solution slides
The CONFidence CTF 2016  is over and therefore it is time for a short summary. Let's start with congratulating once again the top three teams who took home the prizes: Tasteless (2700 pts) p4 (2250 pts) 9447  (1900 pts) Well done, well played! The full scor...
Add a comment...

Post has shared content
Last year (in June), I had the honour to present at Area41 with +Gynvael Coldwind on schizophrenic files. (this is my first talk specifically focused on this topic)

slides: https://speakerdeck.com/ange/schizophrenic-files
Add a comment...

Post has attachment
#TIL  I always thought Norton Commander (1986) was the first double-pane+command-line file manager and it set the de facto standard for such file managers.
It seems that it's not the case - two years before, in 1984, an app called PathMinder was published. It looked like this (random links from google images):
http://news.mynavi.jp/articles/2012/10/09/filer/images/002.jpg
http://www.arthur-ds.hu/images/arthur-pc/emu.gif *
http://www.latrinchera.org/foros/attachment.php?attachmentid=599&stc=1&d=1189553758

Furthermore, the name for the double-pane+command-line-type file managers is OFM - "Orthodox File Managers", and there even seems to be a standard for this:
http://www.softpanorama.org/OFM/Standards/index.shtml

Huh, the more you know ;)

* - worth adding the link to the site as well - http://www.arthur-ds.hu/arthur-pc.php
Add a comment...
Wait while more posts are being loaded