Solving the SC1:Math Bot Capture the Flag Challenge with Python

Solving the SC1:Math Bot Capture the Flag Challenge with Python

Capture the flag, Security, Tutorial
Summary The MSP Tech Club puts on an annual CTF, available here. After stumbling upon the channel on IRC (#alexctf on Freenode) I felt compelled to compete in order to test the lessons that I've been learning throughout my OSCP course, the summary of which is below. The MSP:Math Bot CTF Challenge Explained The challenge presents two mirrored servers to connect to using netcat. Connecting to either presents a prompt not unlike the following: Answering each question manually re-presents a new mathematical problem which suggests that the answer to the challenge is to write a bot which can answer the questions to proceed to the next step. CTF Challenge Solution and flag After writing a script to connect to the server and handle the equation I realised that a number of results…
Read More
WordPress Security Basics

WordPress Security Basics

Security, WordPress
So, you’re using WordPress! What you might not yet realize is that WordPress currently powers approximately 26% of the internet powering sites for The New York Times, National Geographic, and Forbes (McGee, 2016) (ManageWP, 2016). Certainly, the reigning king of content management WordPress and its security is a continual target for security researchers, both good and bad. Limit your plugins! Although plugins are a great way to quickly get up and running with WordPress they are also the most common reason that a WordPress website is hacked! Limit your use of plugins to those that are regularly updated and have a reasonable following. If you’re interested in the history of a plugin or want to check if it has an active exploit within it you can search for it in the…
Read More