I recently added a Synology NAS to my home lab and I am an instant fan. I have been spending time configuring and tinkering with the new device.

My team and I participated in the Metasploit CTF this past week and came in third place! I wanted to write up a solution for one of my favorite challenges.

Hello and Happy New Year! This year’s Holiday Hack Challenge theme was an online conference called KringleCon, a cyber security conference hosted by Santa and his elves. It had all the elements of an in-person conference, including talks, badges, swag and the ability to network with other attendees. The challenge was to solve all 10 objectives and each of the “Cranberry Pi” mini-challenges.

I participated in the Google CTF this weekend and really enjoyed the challenges. Here is a write-up of one of my solutions.

It’s official, I received the email from SANS letting me know that I earned the GSE certification! I am GSE #141 in a group of impressive information security professionals.

The SANS Holiday Hack challenge this year was fantastic and I wanted to make sure to document my solutions on my blog. I have participated in the Holiday Hack Challenges since 2012, but haven’t documented them with the exception of some informal notes – maybe I should change that! Anyway, enjoy my write-up and I encourage anyone who did not participate to give it a try before reading this post!

The About section for Level15 contains the following instructions:

For Level16, we are told that a perl script is running on port 1616.

Level17 dictates, “There is a python script listening on port 10007 that contains a vulnerability.”

Level18 provides us with this large snippet of code: