At first this challenge looked like a Web challenge. The first problem that popped out when looking at the website was the use of ?page=about. Anytime I see a website that has a page= query parameter the first thing I want to try is directory traversal. And in this case just like in many other CTFs it turned out to be the correct path to start down. Although in this case it was just the beginning.

Continue reading

The challenge that I found the most enjoyable, and as such wanted to write about from the Boston Key Party was Airport (Crypto 500). This challenge’s hint made it clear that the goal was to do some kind of timing attack. It said:

Continue reading

While working at SI a portion of our time gets to be spent on research projects. I chose to use some of this time to take my capstone project from college (infsek.tk) and open source it as Want2Hack.com. In this process Security Innovation also allowed me to set up an instance of the site to be hosted by them as a training ground for aspiring Security Professionals to practice their skills in a safe environment, and experienced security researchers to demonstrate their latest findings.

Continue reading

Author's picture

ColdwaterQ

I do some things with gaming, and some other things with hacking. I also backup things I think are awesome here so that they will be less likely to be lost to time.

Security

Puget Sound