CTFd is a Python-based open-source Capture The Flag (CTF) web app. I wanted to use it in a context where I didn't want to collect email addresses of the registering users. To achieve this, I decided to take the easy way and hack myself around the problem: just hide the email field in the registration form and generate a random address for every registration. Show me the code!
All right, the last step to complete the great Sourdough Monitoring Project (SMP): capturing actual footage. We don't need a real video but just a sequence of still images. The goal is to collect enough of those on disk to later be able to assemble them into a time-lapse video of the dough growing. First I'll show you how to enable camera support in software, then how to attach the camera, and finally how to capture images to disk. As a bonus, I'll share a PHP script you can use to receive images on a server on the internet so you can look at your dough from the other side of the world. Take a peek.
I want to create a stop motion movie of sourdough growing overnight. Don't ask. Since I'm very comfortable with the OS, I am using Raspberry Pi as the hardware platform. And since everyone will tell you that _Lighting_ is important for any kind of filmmaking, I played around with ways to toggle power on the USB ports to control USB-powered lamps. You want to know more?!
I am currently comparing different virtualization solutions for my home. This is because I want to do all kinds of things like openhab, cronjobs, DNS-based adblocking, and gateways both in via SSH and out via different VPNs/Tor, and splitting those into different machines sounds not only reasonable but is also necessary in some cases when there are different operating systems involved. This blag post will document a few nuggets of knowledge I collected while trying out VMware as hypervisor. You want to know more?
The Zlob malware contains lots of bogus API calls to hinder analysis. This blag post describes how to use a Java script in Ghidra to automate the process of patching out those calls with NOP instructions. Is that even hard?!
Sometimes it really surprises me how something as mundane as JSON encoding and decoding datetime objects in Python is not readily solvable with a simple Google query. I guess this is caused by the sheer amount of code fragments floating around confusing The Kraken. With this blag post, I'd happily like to add to this mess: Show me your code snippet!
Since I already ran into this problem twice, here is a tiny reminder for my future self and potentially others who google something along the lines of the title. If you did docker pull arangodb at some point in the past, then ran an ArangoDB container for a while with something like the command below and want to update, just follow the error messages! Follow them already!
Directing your attention as a reverse engineer is key for not wasting your life looking at irrelevant code. This blag post will use an anti-analysis technique used in the Zloader malware as an example to practice this art. We will also take a short detour into code-level obfuscation and are going to re-implement the API hashing function from Zloader in Python. This post is aimed towards reverse engineering beginners that have already heard about API hashing. If you don't know what Ghidra is or how to use it, you will need to brush over some parts of this post. Tell me everything!
In this blog post, we will follow one of herrcore's awesome videos and re-implement the automation as a Ghidra script in Java. The video in question is part of a series about a legacy malware family called Hamweq. CERT Polska published an extensive analysis of Hamweq: The malware implements an IRC-based botnet with worm-like capabilities. In this post we will solely focus on the string deobfuscation functionality in the malware. Show me what you got!