Friday, August 8, 2008

Another update...

Unfortunately, I'm not at BlackHat/Defcon this week so I don't have any really cool stories about 0-day attacks, vendor parties or Vegas. However, its been a week since my last post so I thought I'd put something on. (In reality I'm avoiding writing a report.)

Khallenge has come and gone. I was able to get through the first level in 36 minutes. Not bad, but I should have been able to do better than that so I'm personally disappointed. The level 1 password was XOR's encoded so it was pretty easy to find once you found the right section of code. I got level 2, but due to other pressing issues (ie. work) I was unable to finish it. I'm pretty sure the password was RC4 encrypted, but I'm not 100% sure. I'll have to wait for F-Secure to post the results.

One funny thing did happen during the contest. At one point something happened to the Khallenge website and the directory index came up instead of the page. Using that I was able to download all of the contest binaries. F-Secure fixed it pretty quickly and changed the directories the binaries were in.

Because of agent0x0, who is living it up in Vegas as we speak, I've become addicted to Twitter. I have to admit I was skeptical at first, but it is a great tool for information sharing and meeting others in the field, as well as just fooling around. Whats worse is that I have my phone hooked up to it now. :) If you're on it, follow me.

No comments: