~/home

"Streaming Only" Lecture Videos - A Drama in V Acts

"Students cannot download the streaming videos through a download button or by right-clicking into the video and choosing "Save link as". Nevertheless, technically skilled students will find a way to download them anyway."

nixos

NixOps for preexisting NixOS machines

Deploying the config of a NixOS machine to the same machine from another machine using NixOps should be fairly easy..., or not?

ctf

redpwnctf pseudo-key

So, this is a fairly long writeup for the pseudo-key challenge from the redpwnctf. It is ment to not only show the solution of the challenge, but also how to approach such a challenge. The challenge is based on Modular Arithmetic. Initial view So, the first thing to do is

ctf

r2wars

Bot battles in radare2's ESIL VM.

ctf

Disclosing a complete flag leak in a CTF

This disclosure process of leaking all flags from the NahamCon CTF.

NixOS in the Hetzner Cloud

So I had this Idea to install NixOS in the Hetzner Cloud (not to be confused with Hetzner Online for which a page in the NixOS wiki does exist). Searching a bit, I didn't find any instruction or experience report on the topic, so this is me formulating my experience.

Windowmanager setup

I've often had encounters starting like "Whats that windowmanager you're using?" (that actually happens, yes) in the past that developed into a discussion on how productivity can be increased and how stuff can be configured. I'd like to point out here that this all depends on a lot of things

Welcome to the nutshell of Monitoring

Motivation Why you would run an monitoring system like this? I would mostly say because we can but no, this time it is necessary to run such an stack. Since I run autonomous systems and an IT-company and Emile mostly run this as an companion in most of this non-customer

"There's JavaScript in my power plug!"

The story how I found my first CVE - Disclosing CVE-2019-18842

nixos

NixOS - A path to…?

My journey installing and using NixOS.

honeypots

Operating honeypots

Operating honeypots and monitoring them using the grafana worldmap plugin.

ctf

Hack around the clock: Introduction to Blind Attacks

A small example of a blind timing attack, based on a challenge from Junior 35C3CTF

ctf

35c3 Stringmaster2 Walkthrough

This is my Walkthrough for the stringmaster2 challenge, which I solved during the 35c3 juniors CTF. I'm trying to explain the bug and the exploitation techniques I used in a very detailed way, so that even less experienced people can understand and reimplement it :D Environment Just in case you

Optimizing the simulation of galaxies using Barnes-Hut simulations

Simulating galaxies in really fast way, sounds complicated? It is, but let's try understanding how it works!

ctf

RITSEC CTF writeup - recover AES-CBC IV

This is a writeup for the crypto challenge "Who draw on my program?" from RITSEC CTF 2018. The flag is the initialisation vector - © sandw1ch RITSECFoundations WTF is CTF? If you have no clue what a ctf is, have a look here What is AES? AES (Advanced Encryption Standard), also

hacking

The Theory Of Disclosure

Participating in the field of IT security exposes you to the chance that you stumble upon services, software or hardware which you may find vulnerable. Either the logic of the objective is broken ("Why am I able to edit this text?!"), or you can inject arbitrary SQL or Shell ("Haha,

i3

i3 + MATE

Using the windowmanager i3 in combination with the desktop enviroment MATE,

blog.init();

Hello! When hosting a blog for yourself, you are often confronted with the problem of readers demanding fresh, new and interesting content on a recurring base. And, of course, it's nice to have something you can live up to, get creative with, or, in the context of a blog for