This Side of Paradise

I am a huge fan of CTF’s and play them at every available opportunity to sharpen my skills and keep them up to date. One of the biggest challenges for playing a CTF is to ensure that the VM’s to be used during the event are always up to date and have all of the tools ready. I usually do this before a day, so it is a full day of running apt-get update and check for updates for a whole day before.

As always, forensics challenges draw my attention first - there’s a satisfying feeling that all of the answers are within what ever artefact you have with you. The “league of assassins” is a beginner challenge that requires analysis of a pcap file and is avaiable at this link. The challenge text says You are a field agent tailing a League of Assassins operative. The assassin just got the name of his target and needs to scope him based on available online information. So, he starts using free WiFi provided by Moonbucks coffee shop. The WiFi network is not using any security and is open to all. He is browsing the internet while enjoying his coffee while you are capturing the WiFi traffic. While you were busy with your sniffer set up, he took off. Now, the only way to stop the assassination is to find the target individual by analyzing the captured traffic and warning him in advance.

I promised a year back that things would get quite technical here on - well, here we go! A couple of weeks back, I tweeted Bfn hyper-v. I'll accept you are a child prodigy, bit I'll take a look when you're all grown up. Pathetic support for a Linux setup. — rvivek (@vivek_310) March 20, 2013 This was after a long and frustrating month long attempt to get my pentest lab running on my laptop.

After a gap of more than four and a half years, I’m back. Been quite busy these times - although I had dropped in occasionally to see what was happening. Life’s on its next, “more responsible” phase right now. It started off way back in 2002 when I started becoming interested in infosec - however, due to Goldman, I didn’t have the time (and the motivation) to pursue it seriously. However, now, I find myself torn apart between two worlds - the work of a project manager and the call of infosec! I’ve decided to eventually transition over. Have been working on lots of things for a while now, will start to post more regularly (Warning - some of the articles are going to be very technical going forward).