2016-05-29 Week in Review

I Attended AusCERT. Much longer write-up in the link. Stayed in the Mantra Circle on Caville. An interesting twin-towers residential facility, we had a three bedroom apartment on the 36th floor. Lovely facility, great room, full kitchen etc. Pity about the lack of provided internet connectivity - maybe in another ten years, given the NBN timing? The wiring for the TV was horrible, and this was after I’d cleaned it up a little to get my own HDMI cable in :) My Bosch GMR1 palm router arrived, the first step in building my 3D CNC Router. [Read More]

AusCERT 2016 notes

Here’s a whole mess of notes I made as part of my week at AusCERT 2016. It’s my first conference, and I didn’t know what to expect, but it was an overall good experience. Tuesday I couldn’t get into any of the tutorials, so I ended up working. Sigh :( Monday I got into the Monday tutorial “Cyber Incident Handling” run by AusCERT’s General Manager, Thomas King. A day-long summary of the NIST guide and the ASD ISM along with some discussion about incidents. [Read More]

Mikrotik wireless and LIFX bulbs

I’ve been fighting with the configuration of my LIFX bulbs since I changed from using my trusty AirPort Express “puck” access point to the RBwAP2nD that I purchased a month or so ago. The bulbs I had are the original Kickstarter release models which I bought because I’m a terrible toy-hound. Turns out I’d hit two problems, one being that certain bulbs running their 2.1 firmware just don’t like changing the SSID they’re associated with, and the second being that client-to-client forwarding wasn’t enabled correctly on the new AP. [Read More]

Shearwater CTF: Law

Another challenge, another post - this time it’s all about the text. It said the flag was somewhere in a file, this time a .docx file. I assumed it would be something tricky as the file format’s essentially a .zip file full of metadata and content files. I wasted a good five minutes messing around in the file, extracting it and poking through the XML files. It seems it was even easier than that - once I opened it in Apple’s Pages. [Read More]

Shearwater CTF: myfirst_math

This one took a little bit of network trickery, connecting to a remote server and responding to requests quickly, else your connection gets dropped. The first attempt was to do it manually, thinking it was just a few simple ones. I rapidly realised it was going to ask many questions of me - 125 to be exact. Thankfully it was the same five questions. The question “what is the substitution” really threw me, because it’s supposed to be a math challenge, and I tried a whole load of things before I realised it was just letting me through anyway. [Read More]

Shearwater CTF: Adults Only

The first challenge in the AusCERT 2016 Shearwater CTF I tried was a fairly simple one, it said that the programming language was adults only and that the flag was in a file they offered for download. The contents were: ++++++++[>++++[>++>+++>+++>+<<<<-]>+>+>->>+[<]<-]>>++++++++++++++++++++++++++++++.>++++.-----------.++++++.++++++++++++++++++++.---------------------------------------------------------.++++++++++++++++++++++++++++++++++++.<-------.>>+++++++++++++++++.++++++++++.-----.<<+.>>++++++.<<-.>------------------.<+++++++++.<++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++.>---------.>>-.<-----------------.<++.>+++++++++++++++.<<+++++++++++++++++++++++++++++++++++++++++++++++++++++++++.++++. It happens that due to my rather scattered experience I’d seen this rather hilarious language before, called brainfuck. I found an online brainfuck interpreter and pasted it in, getting the flag. [Read More]

Automating things

I’ve got some homegrown OSX Automator services for tracking packages in Australia Post or DHL. For an online shopping addict it’s helpful to just select the tracking number, right click, select the shipping service and head off to the site. Recently I’ve been trying out the Safari Technology Preview and had changed my default browser. It seems that the original implementation of my services used AppleScript to directly call Safari instead of the default system browser. [Read More]

Windows 10 updates

I’ve been fighting with an issue for a while where every time I restarted my Windows 10 machine, it would go through a ridiculous loop of trying to install an update, then failing, then trying to do it again. From what I can tell it’s KB3156387 that’s failing, and it’s a common one for most people. It’s a fairly large update, which brings Windows 10 Build 10240.16854 to users’ machines. I found some information in the microsoft answers forums that led me to this failing service. [Read More]

2016-05-15 Week in Review

Made a bottom for the Octobag Wired the tow bar plug Built some more shelves for my workshop Cut some melamine and MDF for Aunty Mary - who in response, cleaned my whole house and bought me a lotto ticket. Luckiest. Guy. Ever. Attended Chantelle’s patterning for dresses class at RMB’s house - learnt a lot about speed-patterning clothes. [Read More]