January 2021

TIL: Tuples and Pattern Matching in C# switch Statements

TIL. abbreviation for today I learned
used in writing, for example on social media, before giving interesting new information

It may not happen all the time, but every now and then there are cases where a certain outcome is expected due to two or more variables. For example the help or validation text for variable min and max values. Until now I have solved this with these monstrous “if – else if” nestings:

Read More »TIL: Tuples and Pattern Matching in C# switch Statements

HACKVent 2020 – Day 24

  • by

Challenge – Santa’s Secure Data Storage

In order to prevent the leakage of any flags, Santa decided to instruct his elves to implement a secure data storage, which encrypts all entered data before storing it to disk.

According to the paradigm Always implement your own crypto the elves designed a custom hash function for storing user passwords as well as a custom stream cipher, which is used to encrypt the stored data.…

HACKVent 2020 – Day 23

  • by

Challenge – Those who make backups are cowards!

Santa tried to get an important file back from his old mobile phone backup. Thankfully he left a post-it note on his phone with the PIN. Sadly Rudolph thought the Apple was real and started eating it (there we go again…).…

HACKVent 2020 – Day 22

  • by

Challenge – Padawanlock

A new apprentice Elf heard about “Configuration as Code”. When he had to solve the problem to protected a secret he came up with this “very sophisticated padlock”.

HV20D22.zipDownload

Solution

Unpacking the .zip archive, we got a 19MB Linux executable.…

HACKVent 2020 – Day 21

Challenge – Threatened Cat

You can feed this cat with many different things, but only a certain kind of file can endanger the cat.

Do you find that kind of files? And if yes, can you use it to disclose the flag?…

HACKVent 2020 – Day 19

Challenge – Docker Linter Service

Docker Linter is a useful web application ensuring that your Docker-related files follow best practices. Unfortunately, there’s a security issue in there…

Requirements

This challenge requires a reverse shell. You can use the provided Web Shell or the VPN to solve this challenge (see RESOURCES on top).…

HACKVent 2020 – Day 18

Challenge – Santa’s lost home

Santa has forgotten his password and can no longer access his data. While trying to read the hard disk from another computer he also destroyed an important file. To avoid further damage he made a backup of his home partition.…

HACKVent 2020 – Day 17

  • by

Challenge – Santa’s Gift Factory Control

Santa has a customized remote control panel for his gift factory at the north pole. Only clients with the following fingerprint seem to be able to connect:

771,49162-49161-52393-49200-49199-49172-49171-52392,0-13-5-11-43-10,23-24,0

Mission: Connect to Santa’s super-secret control panel and circumvent its access controls.…

HACKVent 2020 – Day 16

Challenge – Naughty Rudolph

Santa loves to keep his personal secrets on a little toy cube he got from a kid called Bread. Turns out that was not a very good idea. Last night Rudolph got hold of it and frubl’d it about five times before spitting it out.…