Pages are deceptive. Live life in a basket.
do you think www.aws.org runs on aws?
For those inter st in the finest writing of all time https://www-allure-com.cdn.ampproject.org/v/s/www.allure.com/story/best-sex-tip-by-zodiac-sign/amp?amp_gsa=1&_js_v=a6&usqp=mq331AQKKAFQArABIIACAw%3D%3D#amp_tf=From%20%251%24s&aoh=16392879347932&referrer=https%3A%2F%2Fwww.google.com&share=https%3A%2F%2Fwww.allure.com%2Fstory%2Fbest-sex-tip-by-zodiac-sign
<- haproxy config for both
¶ ¶ The natas11 problem contains a OTP (one-time-pad) vulnerability called a "many-time-pad". Likewise, the attack is called a "many-time-pad" attack. Below is some code that led to the solution and progression to the next level. The problem includes the server-side PHP source, but with the key used for OTP and the password for the next challenge censored. The goal of the experiment is to flip a "showpassword" flag that will echo the password for challenge 12 into the rendered html. From the source example we can see that it stores an encrypted json blob in a session cookie called "data", so we have an opportunity to inject our own cipher text on the client side. We know our data structure is a jsob blob stored in a cookie value as cipher text because the lab has the PHP source that runs on the server-side with some data censored. And since we have access to the coo...
Projects Data Resume Bookmarks (all) The IRC bot for hackers Tenyks is an IRC bot written in Go. It relays messages between services and IRC. A Tenyks service Go library Quasar is the Go library for writting services for Tenyks. A Tenyks service Python library Tenyks Service is the Python library for writting services for Tenyks. Most services are currently written in Python. Self-hosted bookmarking SUFR is a self-hosted bookmarking program written in Go. It's simple to install and run because it's a single binary with no external requirements. It uses BoltDB under the hood for storage. Minimalistic static site generator Solarwind is a static site generator written in Go. It keeps things simple by compliling .md (markdown) to html and just copying html files into a public directory. The ugly duckling dat...
Projects · Climbing Data · Resume · Github · 0x3BA4034B I'm a rock climber, Go programmer, snowboarder and mountain man. You can find me on IRC. I frequent freenode and will always be in #infoforcefeed. I work for https://reflect.io and will be posting a bunch of my data as visualizations using our service. GPG fingerprint: 6E74 0249 A688 F563 509F AEF1 4856 403F 3BA4 034B Fingerprints can be found at the following locations: Github - website tls both sha1 and md5 Twitter - website tls sha1 Twitter - website tls md5 Twitter - gpg fingerprint Sun Mar 5 11:45:00 2017 - Tenyks update (0.10.0). Connection issues. Sat Mar 7 18:25:00 2015 - Solarwind: The bullshit-free static site generator © Kyle Terry · Everything is Creative Commons Attribution 3.0 ...
<header> <a href="/"><small class="fingerprint">DAAE E6B5 D729 10B7 4A6F 01F9 52A4 B5B2 F318 8BF2</small></a> · <a href="/resume.html">Resume</a> · <a href="/projects.html">Projects</a> · <a href="https://github.com/kyleterry">Github</a> · <a href="/kyle@kyleterry.com.0xF3188BF2-pub.asc">0xF3188BF2</a> </header> Systems Engineer Portland, OR kyle@kyleterry.com 971-275-5328 I am a system and software engineer in Portland, OR. I work on backend APIs and distributed systems mostly written in Go. Senior Software Engineer Portland, OR · Sep 2016 - Present Designing and building backend systems and APIs in Go for a data visualization SaaS platform. Software Engineer Remote Position · Dec 2014 - Sep 2016 Programming and engineering a customer facing web application for managing AWS secur...
DAAE E6B5 D729 10B7 4A6F 01F9 52A4 B5B2 F318 8BF2 · Resume · Projects · Github · 0xF3188BF2 You can find me on IRC. I frequent freenode and will always be in #infoforcefeed. Now Ebola free. BTC: 1KBNXvahSQHskxy8RmFtggc4VippXtoAZL Https fingerprints can be found at the following locations: Github - both SHA1 and MD5 Twitter - SHA1 Twitter - MD5 These are my words… Solarwind: The bullshit-free static site generator Tue Mar 3 17:25:00 2015 © Kyle Terry · The skies are finally black. ...
¶ ¶ The natas11 problem contains a OTP (one-time-pad) vulnerability called a "many-time-pad". Likewise, the attach is called a "many-time-pad" attack. Below is some code that led to the solution and progression to the next level. We know our data structure is a jsob blob stored in a cookie value as cipher text because the lab has the PHP source that runs on the server-side with some data censored. And since we have access to the cookies in our browser, we can start there: In [7]: cookie_data = 'ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4sFxFeaAw==' This is totally base64 encoding. So we can import our base64 package: In [5]: import base64 Now lets see what happens if we try to base64 decode our cookie_data In [9]: base64 . decodestring ( cookie_data ) Out[9]: '\nUK"\x1e\x00H+\x02\x04O%\x03\x13\x1ap...
"You're asking me? The one who velcroed the shit out of the server closet?" DAAE E6B5 D729 10B7 4A6F 01F9 52A4 B5B2 F318 8BF2 Github | Resume | Blog | Projects | 0xF3188BF2 You can find me on IRC. I frequent freenode and will always be in #infoforcefeed. Now Ebola free. BTC: 1KBNXvahSQHskxy8RmFtggc4VippXtoAZL Https fingerprints can be found at the following locations: Github - both SHA1 and MD5 Twitter - SHA1 Twitter - MD5 The skies are finally black. ...
"You're asking me? The one who velcroed the shit out of the server closet?" DAAE E6B5 D729 10B7 4A6F 01F9 52A4 B5B2 F318 8BF2 Github | Resume | Blog | 0xF3188BF2 You can find me on IRC. I frequent freenode and will always be in #infoforcefeed. How many wars are we fighting now? 4, maybe 5? BTC: 1KBNXvahSQHskxy8RmFtggc4VippXtoAZL Aaron Swartz has died. May he rest in peace. ...
Pages are deceptive. Live life in a basket.