Dear Medium,

My blogging journey has taken me far. I started writing articles about six years ago. Things got serious after I started studying Computer Science. Among the students of my class there was a lot of chatter. The tendency was that those who were unable to communicate would soon start failing exams and eventually quit. In this setting, I started writing technical articles, first on an intranet …

The DEFCON 27 Packet Hacking Village Honeypot Challenge

This year marks the first time I got to attend DEFCON Las Vegas — one of the largest hacker conferences in the world. There is a plethora of things to discover and try out. The talks can be streamed later, but the workshops and spontaneous gatherings? A challenge that caught my eye was the honeypot challenge in the packet hacking village. The setting is simple: You gain …

HackTheBox fs0ciety Write-up

fs0ciety is yet another low-hanging fruit among the HackTheBox challenges. It’s great for beginners who want to test their process for cracking password-protected zip files and recognition of various encodings. For that, we will use fcrackzip – simply for the reason that it has been around for ages and ships with Kali by default. I have sourced my wordlist from here. Let’s fire up the …

Explain like I’m five: Cryptographic Hashing

tl;dr Just check out the image and read the details below it if you want to know even more. 🙂 A few days back I read an article by Yunyun Chen explaining Hashing in an infographic. I enjoyed it and read some comments, which pointed out a couple of weak spots that result from common misconceptions about (cryptographic) hashing. Mostly this is a result of the …

HackTheBox 0ld_is_g0ld Write-up

0ld_is_g0ld is a HackTheBox challenge and a great way for beginners to familiarize themselves with PDF password cracking. If you have used Hashcat before, it’s an easy win. Verifying we indeed are targeting the correct file format: We can extract the hash using the pdf2hashcat.py util script: Now all that’s left is to run hashcat with a (large) wordlist against the hash file and with a …

The Thing about Mutable Default Arguments in Python

Yesterday I stumbled across some code like this… The semantics of the code don’t really matter here. Still spot the bug? It’s a very common Python gotcha that even experienced developers overlook from time to time. Look at the function header. The result list. Maybe a small example playing around will help here: Setting the default argument you would normally expect to have an empty …

Low-level Debugging of Stubborn Docker Containers

A few weeks back I started contributing to the awesome Mythril project. Mythril is a security scanner for smart contracts that allows everyone to look for vulnerabilities on- and off-chain by being able to analyze raw smart contract code, as well as the actual Solidity code file. To make setting it up easier, the devs provide a Docker container for easy deployment and …

Quick Hack: Generating PDFs with Python and XeTeX

A friend of mine is pursuing a PhD in a non-technical field. And his boss is a bully. Work mainly happens with high-level statistical analysis tools. No one knows anything about programming and most problems are solved by hand. While on a positive note this means good chances to get a student job, it also means that progress moves slowly, especially when it comes to …