zacheller@home:~/blog$

  • Cybersecurity Converge Tour CTF @ UMSL

    Some members of the WUSTL CTF club b34r$hell drove out to UMSL to attend the Cybersecurity Converge Tour. The tour consisted of a Career Pathways Discussion, exercises around resolving ransomware, Capture the Flag, and lunch. I found the cyberseek.org Career Pathway map that they presented to be a great reference....

  • STLCyberCon CTF

    The WUSTL CTF team b34r$hell won first place at the STLCyberCon CTF hosted by UMSL on November 15th, 2019. Scoreboard: Team: Post Ceremony:

  • Google Cloud Training with Developer Student Club

    I joined WUSTL’s Google Developer Student Club for a Study Jam on the GCP. I finished the Google Cloud Essentials quest first and won a Google Home Hub. The quest included 7 hands-on labs where I had to: access Qwiklabs and the Google Cloud Platform Console and use the basic...

  • picoCTF2018 - Writeup

    —Forensics Warmup 1— Q: Can you unzip this file for me and retreive the flag? Unzip the folder, flag.jpg opens normally and displays flag. picoCTF{welcome_to_forensics} —Forensics Warmup 2— Q: Hmm for some reason I can’t open this PNG? Any ideas? Download flag.png. $ file flag.png flag.png: JPEG image data, JFIF...

  • bashrc for Debian in WSL

    I run Debian in Windows Subsystem for Linux (WSL), and I wanted to make a post about my setup and give an example bashrc. I find opening and manipulating files on Debian with Windows programs to be super neat. From the Debian side, your Windows filesystem can be found in...

  • TryHackMe - RP-Nmap

    Nmap Quiz First, how do you access the help menu? -h Often referred to as a stealth scan, what is the first switch listed for a ‘Syn Scan’? -sS Not quite as useful but how about a ‘UDP Scan’? -sU What about operating system detection? -O How about service version...

  • Defend The Web - Intro 1-12

    Intro 1 Intro 2 Intro 3 / Javascript Looking through the source code, I come across some JavaScript. $(function(){ $('.level form').submit(function(e){ e.preventDefault(); if(document.getElementById('password').value == correct) { document.location = '?pass=' + correct; } else { alert('Incorrect password') } }) }) The password field input value is checked against a variable called...

  • OverTheWire - Natas 0-10

    Natas teaches the basics of serverside web-security. Each level of natas consists of its own website located at http://natasX.natas.labs.overthewire.org, where X is the level number. There is no SSH login. To access a level, enter the username for that level (e.g. natas0 for level 0) and its password. Each level...

  • OverTheWire - Bandit 0-33

    The Bandit wargame on OverTheWire.org is aimed at absolute beginners. The goal is to teach the Linux basics needed to be able to play other wargames and compete in CTFs. This post contains my solutions all the currently released Bandit challenges. bandit 0 $ ssh -p 2220 bandit0@bandit.labs.overthewire.org # enter...

  • Research Project - Almiraj Embedded Fuzzing

    CSE637: Software Security, Spring 2019 Course Description In this course, students will be introduced to the foundations of software security. We will be exploring different classes of software vulnerabilities, analyzing the fundamental problems behind these vulnerabilities, and studying the methods and techniques to discover, exploit, prevent and mitigate these vulnerabilities....