Nucu Car: Devlog 0x01

Hello everyone, A while ago I started working on a pet project called NucuCar. It’s a platform written in .NET for the Raspberry Pi in which I’m trying to implement various utility functions to create a complete piece of software that can be used to build a remote controlled car for the Pi. The project is open source and it can be found on GitHub: Since I didn’t buy a toy car and I don’t have much space in my apartment I was working only on the sensors module, which currently has support for the BME680 environment sensor and the CPU temperature sensor build in the Pi....

January 26, 2020 Â· 2 min Â· Denis NuČ›iu

PicoCTF 2019: whats-the-difference (Points 200)

Can you spot the difference? kitters cattos. They are also available at /problems/whats-the-difference… on the shell server In order to easily solve this challenge, I’ve used xxd and cut to generate an ascii hexdump of the images: ➜ Downloads xxd kitters.jpg | cut -d ' ' -f 11 > kittens_text.txt ➜ Downloads xxd cattos.jpg | cut -d ' ' -f 11 > cattos_text.txt Since I wanted to do a per character diff I wrote the following Python script:...

January 3, 2020 Â· 1 min Â· Denis NuČ›iu

Bypassing ptrace calls with LD_PRELOAD on Linux

Hello, Here’s a quick article on how to bypass calls to ptrace when debugging a Linux executable. By calling ptrace with the PTRACE_TRACEME option, a process can detect if it’s being debugged and execute different instructions. This an effective anti-debugging technique. For example, take the following C program: int main() { if (ptrace(PTRACE_TRACEME, 0, 0, 0) < 0) { printf("I'm being debugged!n"); } else { printf("Normal flown"); } return 0; } If we execute the program from above we get Normal flow on our screen but if we debug it with gdb we get Err: I'm being debugged!...

January 2, 2020 Â· 2 min Â· Denis NuČ›iu

Hack The Box &#8211; Reversing: Debug Me Hints

Hello, Here are some hints for solving the Debug Me challenge on HackThebox: Use a good debugger like x64dbg Use an anti-anti-debugging plugin like Scylla Hide. (read the instructions on how to install it) Step through the challenge and see where it takes you. Thanks!

December 22, 2019 Â· 1 min Â· Denis NuČ›iu

X-MAS CTF 2019: Binary Exploiting &amp; Reversing Write-Ups

Hello, Here are my write-ups for the X-MAS CTF 2019 organized by . Reversing: Santa’s crackme Santa’s crackme is easy to solve when using Ghidra, all you need to do is open up the binary, read the code and use the XOR Memory script from Ghidra. The flag is retrieved from flag_matrix and xored by 3. Select the flag data, right click on Script Manager and execute the XorMemory script We get the flag, except for the first character...

December 21, 2019 Â· 2 min Â· Denis NuČ›iu

Coding Playlist

Whenever I have to concentrate on some programming task I listen to the following playlist, it gets me going and puts me into a pleasant mood. 🙂

December 16, 2019 Â· 1 min Â· Denis NuČ›iu

Hack The Box &#8211; Bitlab

Hello, Here’s how I’ve solved the Bitlab machine on Hack The Box. Gitlab Access As usual we start of with a nmap scan: root@kali:~# nmap -p- -sV 10.10.10.114 Nmap scan report for 10.10.10.114 Host is up (0.044s latency). Not shown: 65533 filtered ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0) 80/tcp open http nginx Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel Service detection performed....

December 16, 2019 Â· 3 min Â· Denis NuČ›iu

Ditching Apache2 for Nginx

Hello, I wanted to self host my WordPress blog and for that I’ve chosen a hosting provider which I no longer recommend.. Because I’m lazy and I don’t know how to configure web servers that well I’ve used XXX’s WordPress one click install, the package installed WordPress and did the following things: Enables the UFW firewall to allow only SSH (port 22, rate limited), HTTP (port 80), and HTTPS (port 443) access....

December 15, 2019 Â· 4 min Â· Denis NuČ›iu

Hack The Box &#8211; Travexec Write-up

Hello, Here’s my write-up for the Traverxec machine. Initial Shell: google User Hint: Read the configuration carefully and ls dem directories, and don’t forget, you’re the web server! Root Hint: In linux you can configure commands to be executed without requiring a password. The password for the PDF is the root flag. Link: BananaPr1nc3-Traverxec.pdf

December 13, 2019 Â· 1 min Â· Denis NuČ›iu

HackTheBox Reversing DSYM Write-Up

Hello, Here’s my write-up for the Reversing DSYM challenge from HackTheBox. PDF: The password for the Write-Up is the challenge’s flag. To solve it I’ve used: Write a comment if you need a hint or something is not clear. Thanks for reading!

December 9, 2019 Â· 1 min Â· Denis NuČ›iu