Monthly Shaarli

May, 2021

Install Volatility 2.6.1 in Kali 2020.4+

Volatility has not been packaged with Kali since the 2020.4 release, but it can be installed manually.

sudo apt-get install pcregrep libpcre++-dev python-dev

git clone https://github.com/gdabah/distorm.git
cd distorm
sudo python setup.py install

sudo apt-get install yara -y

wget https://ftp.dlitz.net/pub/dlitz/crypto/pycrypto/pycrypto-2.6.1.tar.gz
tar -xvzf pycrypto-2.6.1.tar.gz
cd pycrypto-2.6.1
sudo python setup.py install

wget https://github.com/volatilityfoundation/volatility/archive/refs/tags/2.6.1.tar.gz
tar -xvzf 2.6.1.tar.gz
cd volatility-2.6.1
sudo python setup.py install

MOBISEC - Mobile Security Course

Hooking Linux Libraries for Post-Exploitation Fun - Mike Gualtieri

Modifying BIOS Using RU.EFI

List of valid properties to query for "nvidia-smi --query-gpu="

OSINT Framework

Mathematical Tools for Data Science – NYU Center for Data Science

Advanced web spidering with Puppeteer

Add 32-bit support for WSL2 Ubuntu 20.04

sudo dpkg --add-architecture i386
sudo apt update
sudo apt install libc6:i386 libncurses5:i386 libstdc++6:i386
sudo apt install gcc-multilib g++-multilib # for compiling

OpenSecurityTraining.info

In the spirit of OpenCourseWare and the Khan Academy, OpenSecurityTraining.info is dedicated to sharing training material for computer security classes, on any topic, that are at least one day long.

Install CMS on Ubuntu

Install dependencies

sudo apt install build-essential texlive-latex-base openjdk-8-jdk-headless fp-compiler \
                 postgresql postgresql-contrib postgresql-client python3 python3-dev python3-pip \
                 cppreference-doc-en-html cgroup-lite wget curl llvm make tk-dev xz-utils zip \
                 libbz2-dev libcap-dev libcups2-dev libffi-dev libncursesw5-dev libpq-dev \
                 libreadline-dev libsqlite3-dev libssl-dev libxml2-dev libxmlsec1-dev libyaml-dev liblzma-dev zlib1g-dev

Install pyenv:

curl https://pyenv.run | bash

You may need to enable memory cgroup: https://github.com/canonical/microk8s/issues/1691#issuecomment-1279774327

Download CMS

cd ~
git clone --recursive https://github.com/ioi-2023/cms.git

Preparation

In order to run CMS, there are some preparation steps to run (like installing the sandbox, compiling localization files, creating the cmsuser group, and so on).

cd ~/cms
sudo python3 prerequisites.py install

Installing CMS and its Python dependencies

We'll install CMS in a virtual environment created by pyenv.

pyenv install 3.8.18
pyenv virtualenv 3.8.18 cms
pyenv local cms

pip install --upgrade pip setuptools wheel
pip install -r requirements.txt
python setup.py install

We also need to fix pycryptodomex:

2to3 -wWn --no-diffs ~/.pyenv/versions/cms/lib/python3.8/site-packages/Cryptodome

Configure the DB

We first need to start PostgreSQL:

sudo service postgresql start

The next thing to do is to create the user and the database. You need to log in as the postgres user first:

sudo su - postgres

Then, to create the user (which does not need to be a superuser, nor be able to create databases nor roles) and the database, run the following commands:

createuser --username=postgres --pwprompt cmsuser
createdb --username=postgres --owner=cmsuser cmsdb
psql --username=postgres --dbname=cmsdb --command='ALTER SCHEMA public OWNER TO cmsuser'
psql --username=postgres --dbname=cmsdb --command='GRANT SELECT ON pg_largeobject TO cmsuser'

The last two lines are required to give the PostgreSQL user some privileges which it does not have by default, despite being the database owner.

Enter exit to log out.

Configure CMS

Open /usr/local/etc/cms.conf and change the connection string given in database: replace username, password, and database with the ones you chose before.

Finally, you have to create the database schema for CMS:

cd ~/cms
cmsInitDB

Running CMS

Run WSLHostPatcher to make WSL2 listen for incoming connections on all interfaces (by default it only listens on localhost).

You need to create an admin user. This only needs to be done once:

cmsAddAdmin -p PASSWORD USERNAME

Start LogService:

cmsLogService

Start cmsAdminWebServer:

cmsAdminWebServer

Log in to the admin interface and create some contests. Now we can start all CMS services:

cmsResourceService -a

Solve readflag for CTF Web challenge

Some web challenges require executing /readflag to get the flag. This executable will ask the user to compute some simple math. The timeout is very short, so the intended way to solve it is to write a script. However, there are better ways to solve it:

Solution 1: Trap the SIGALRM signal

$ trap "" 14 && /readflag 
Solve the easy challenge first (((((-623343)+(913340))+(-511878))+(791102))-(956792)) 
input your answer: -387571 
ok! here is your flag!! 

Solution 2: mkfifo trick

$ mkfifo pipe
$ cat pipe | ./readflag |(read l;read l;echo "$(($l))" > pipe;cat)
input your answer: 
ok! here is your flag!! 

Ref: https://balsn.tw/ctf_writeup/20190427-*ctf/#solve_readflag-(not-a-challenge)
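
Solution 1 works because a signal set to "ignore" stays ignored across execve, so a timeout that trusts the inherited SIGALRM disposition never fires. The following is an added example, not code from the challenge or the referenced writeup: it contrasts such a timeout with one that resets the disposition before arming. The function names are illustrative, and the child process is a constructed stand-in for a program launched after trap "" 14; how the real /readflag sets its timer is not shown on this page.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <signal.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Naive timeout: trusts whatever SIGALRM disposition the process inherited. */
static void arm_naive(unsigned secs) { alarm(secs); }

/* Hardened timeout: restore the default action and unblock the signal
 * before arming, so an inherited SIG_IGN or blocked mask cannot defuse it. */
static void arm_hardened(unsigned secs) {
    struct sigaction sa;
    sigset_t set;
    sa.sa_handler = SIG_DFL;
    sa.sa_flags = 0;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGALRM, &sa, NULL);
    sigemptyset(&set);
    sigaddset(&set, SIGALRM);
    sigprocmask(SIG_UNBLOCK, &set, NULL);
    alarm(secs);
}

/* Constructed stand-in for a program started after `trap "" 14`: the child
 * begins with SIGALRM ignored, arms a 1 s timeout, then waits for "input".
 * Returns 1 if SIGALRM killed the child, 0 if it outlived the timeout. */
int timeout_fires(int hardened) {
    int status = 0;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        signal(SIGALRM, SIG_IGN);      /* inherited state, survives execve */
        if (hardened) arm_hardened(1); else arm_naive(1);
        sleep(2);                      /* stands in for the blocking read */
        _exit(0);
    }
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFSIGNALED(status) && WTERMSIG(status) == SIGALRM;
}

int main(void) {
    printf("naive timeout fired:    %d\n", timeout_fires(0));
    printf("hardened timeout fired: %d\n", timeout_fires(1));
    return 0;
}
```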

Rawsec's CyberSecurity Inventory

An inventory of tools and resources about CyberSecurity.

Regex Hub - Useful Regex Patterns