Construct Truffle Artifact Source Lists

This is a quick and dirty workaround for an issue that has been bugging me a lot. Truffle is one of the central, if not the most central development tool for building smart contracts on Ethereum to date. When compiling a Truffle project, the output is stored in build/contracts by default. An artifact simply a JSON object containing a plethora of data. A short sample … Continue reading Construct Truffle Artifact Source Lists

HackTheBox Postman Write-up

Postman was an easy-going box. It required careful enumeration and beyond that did not have too much resistance in privilege escalation. This makes it a prime example for real-world M&M security where the initial foothold is hard, but there is few resistance on the inside. Let’s start out by scanning the machine: There are a few interesting things here already. We have a webserver running … Continue reading HackTheBox Postman Write-up

The 36C3 Telnet Challenge (a.k.a. Cat CTF)

This is a write-up from the 36th Chaos Communication Congress, 2019. It has been my fourth Congress. Timed shortly after Christmas, it feels like meeting a second kind of family after the holidays. Hackers from all over the world gather in Leipzig to celebrate the weirdness of our community, break technology, learn new things, and have caffeine-fuelled fun. On my initial recon walk with friends … Continue reading The 36C3 Telnet Challenge (a.k.a. Cat CTF)

The Thing about Mutable Default Arguments in Python

Yesterday I stumbled across some code like this… The semantics of the code don’t really matter here. Still spot the bug? It’s a very common Python gotcha that even experienced developers overlook from time to time. Look at the function header. The result list. Maybe a small example playing around will help here: Setting the default argument you would normally expect to have an empty … Continue reading The Thing about Mutable Default Arguments in Python

Quick Hack: Generating PDFs with Python and XeTeX

A friend of mine is following a PhD in a non-technical field. And his boss is a bully. Work mainly happens with high-level statistical analysis tools. No one knows anything about programming and most problems are solved by hand. While on a positive note this means good chances to get a student job, it also means that progress moves slowly, especially when it comes to … Continue reading Quick Hack: Generating PDFs with Python and XeTeX

Converting MySQL Table Data to a Graphml File

I recently found myself in the situation where I was given access to a huge MySQL database that contained network traffic flows and IDS signature match data. As I work a lot with graph-based approaches, I needed to convert the table’s flow data into a graphml file for later visualization and analysis with scripts I have already written. Now without further ado here’s the code: … Continue reading Converting MySQL Table Data to a Graphml File