Solving convoluted problems, tutorials, write-ups & thoughts on security
The Silent Meeting challenge at NorthSec 2018 was worth 20 points with only four flags. For this CTF, 20 points is a lot. And there’s a reason: this challenge went out of the box and literally asked you to recover what music was being played from an audioless video of a loudspeaker, and what didContinue reading “NorthSec 2018 CTF – Silent Meeting: Write-up”
Once again, when you try to combine an unpopular app on an unpopular platform, and you want the latest version of them, the journey is long. Today, we want a FreeNAS 11.3 jail hosting Wekan 4.01, the Trello-like kanban-style board app, behind nginx 1.18.0 with OpenSSL 1.1.1g using TLS 1.3. You may want to doContinue reading “Install Wekan+nginx (HTTPS) in a FreeNAS jail in 2020”
Continuing and finishing on the analysis of the fake VeraCrypt Windows installer distributed on httx://vera-crypt[.]com, I am now reverse-engineering data.dll, which again tries to download another payload from a C2 server. Problem: the server is down. Instead, I’m focusing on recovering an old payload from the same malware family that I decipher from a PCAPContinue reading “An Analysis of Modified VeraCrypt binaries (Part 3)”
Something went wrong. Please refresh the page and/or try again.