Advertisement · 728 × 90

Posts by IAmMandatory

Post image

The needle dropped are you ready to groove? We have 12 #CTF challenges open for you, check it out at ctf.bsidessf.net.

Hakuna matata what a wonderful phrase. Hakuna matata, ain't no passin' craze.

1 month ago 3 2 0 0
Post image

We just dropped 3 more challenges for today, we don't plan to release more for today. More to come tomorrow at 9am! #BSidesSF #CTF

Check out our Chrome Extension challenge, "moa-station", at ctf.bsidessf.net.

11 months ago 3 2 0 0
Post image

You are in for a punny time until launch!

Join us at ctf.bsidessf.net/register, the #BSidesSF #CTF kicks off at 4:00pm PDT tomorrow!

11 months ago 4 4 0 0
Post image

What's in the cards for this year? Join us next week at ctf.bsidessf.net and find out! #CTF #BSidesSF

1 year ago 5 2 0 2
Video

This shitpost may be a little too niche, but it's how the scraping struggle be these days (turn video audio on).

1 year ago 4 1 0 0
DEF CON 32 - Secret Life of Rogue Device: Lost IT Assets on the Public Marketplace - Matthew Bryant
DEF CON 32 - Secret Life of Rogue Device: Lost IT Assets on the Public Marketplace - Matthew Bryant YouTube video by DEFCONConference

Looks like DEF CON talks are up on YouTube! If you want to see a fun talk on crawling online markets for the spicy silicon, check mine out here: youtu.be/QgeEHdAmJDg

1 year ago 3 0 0 0

I'm watching some folks reverse engineer the xz backdoor, sharing some *preliminary* analysis with permission.

The hooked RSA_public_decrypt verifies a signature on the server's host key by a fixed Ed448 key, and then passes a payload to system().

It's RCE, not auth bypass, and gated/unreplayable.

2 years ago 685 275 7 14
Post image
2 years ago 1 0 0 0
Advertisement
Post image

my immediate reaction to this site

2 years ago 9 1 1 0