Hello and Happy New Year! This year’s Holiday Hack Challenge theme was an online conference called KringleCon, a cyber security conference hosted by Santa and his elves. It had all the elements of an in-person conference, including talks, badges, swag and the ability to network with other attendees. The challenge was to solve all 10 objectives and each of the “Cranberry Pi” mini-challenges.
I participated in the Google CTF this weekend and really enjoyed the challenges. Here is a write-up of one of my solutions.
It’s official, I received the email from SANS letting me know that I earned the GSE certification! I am GSE #141 in a group of impressive information security professionals.
The SANS Holiday Hack challenge this year was fantastic and I wanted to make sure to document my solutions on my blog. I have participated in the Holiday Hack Challenges since 2012, but haven’t documented them with the exception of some informal notes – maybe I should change that! Anyway, enjoy my write-up and I encourage anyone who did not participate to give it a try before reading this post!
The About section for Level15 contains the following instructions:
For Level16, we are told that a perl script is running on port 1616.
Level17 dictates, “There is a python script listening on port 10007 that contains a vulnerability.”
Level18 provides us with this large snippet of code:
Level19 provides us with the following code:
In Level13 we are given the following code: