Solving the SC1:Math Bot Capture the Flag Challenge with Python

Capture the flag, Security, Tutorial
Summary: The MSP Tech Club puts on an annual CTF, available here. After stumbling upon the channel on IRC (#alexctf on Freenode) I felt compelled to compete in order to test the lessons that I've been learning throughout my OSCP course, the summary of which is below. The MSP:Math Bot CTF Challenge Explained: The challenge presents two mirrored servers to connect to using netcat. Connecting to either presents a prompt not unlike the following: Answering each question manually re-presents a new mathematical problem, which suggests that the answer to the challenge is to write a bot which can answer the questions to proceed to the next step. CTF Challenge Solution and flag: After writing a script to connect to the server and handle the equation I realised that a number of results…
WordPress Security Basics

Security, WordPress
So, you’re using WordPress! What you might not yet realize is that WordPress currently powers approximately 26% of the internet, including sites for The New York Times, National Geographic, and Forbes (McGee, 2016) (ManageWP, 2016). As the reigning king of content management, WordPress and its security are a continual target for security researchers, both good and bad. Limit your plugins! Although plugins are a great way to quickly get up and running with WordPress, they are also the most common reason that a WordPress website is hacked! Limit your use of plugins to those that are regularly updated and have a reasonable following. If you’re interested in the history of a plugin or want to check if it has an active exploit within it you can search for it in the…
A concise guide to effectively designing donation pages

Digital Marketing
It is very rare that people will google and come to a website with the specific intent to donate, which means you’re typically trying to convert a user that is visiting your website for an alternative purpose – so keep things simple! Donation Page Design and Structure: If possible, avoid sending people offsite to micro-sites; it breaks the user journey and can be concerning to more security-conscious users. Carousels should be removed from donate pages - you've already made a conversion and further call to action and appeal pages should only be related to the current donation path. With this in mind, a link to the donate page (Donate Now buttons) shouldn’t appear when you’re already on the donate page! Avoid having your field explanations within boxes that will disappear when you click…
Updating a pre-existing Microsoft SQL table to have an identity column without losing data

Problems and Solutions, SQL
You've created a Microsoft SQL Server table, added some data and then realised that integer column you created would be much better off as an identity column. You go to alter the table but SQL Server won't allow you to change your integer column into an identity one without re-creating the table and losing the data... How to proceed? The following is my regular workaround to the problem.
How to add an “Attachments” button on a SharePoint form without using InfoPath

Forms, SharePoint Development
Why traditional SharePoint form design and not InfoPath? For a very long time InfoPath has been hailed as one of the better ways to develop SharePoint forms. It's undeniable that InfoPath is fast, in many ways flexible and easy for more technical business users to maintain. All of that said, in 2014 Microsoft dropped the following bombshell: "The InfoPath 2013 application remains the last version to be released and will work with SharePoint Server 2016." Source: Official MSDN blog entry. As it appears InfoPath is nearing the end of its life, we've begun developing SharePoint forms in a more traditional manner. We've used SharePoint 2013's web compatibility to its fullest by using JavaScript for most of our interactions and ASP where needed. The outcomes have been very, very surprising. We've…
How to download files from a SharePoint Online Document Library

SharePoint Development
As SharePoint Online captures more and more market share, people are going to start doing more and more with it. One of the core challenges that I'm noticing is the struggle for developers in transitioning from server-side code to using the client side object model (CSOM). There are a lot of ways to accomplish this, and this is just one example among many. This example assumes that the source document library has a column called Status. It will download files from that document library where the Status is equal to New and, after downloading all of these files, it will then update the status of those files to Downloaded.
Reversing a string in Python with Performance Benchmarking

Uncategorized
Recently I've been putting a lot of time into brushing up my Python knowledge for big data projects and operations. For a task that's so simple I've found reversing a string can be quite enlightening for how to better "think in Python". As an example, here's how I would have previously reversed a string before really digging into the Python language: Quite less than ideal! After digging a bit further I learnt about slice notation in Python - and it's amazing. This StackOverflow question serves as a good primer, here's the core answer from that question for future reference as well: There is also the step value, which can be used with any of the above: The key point to remember is that the :end value represents…