Latest Tweets

UAM’s MARVEL CTF Episodio 2: WriteUp

Obtención del binario y del servidor

Descargamos y descomprimimos el archivo ZIP. Nos encontramos con un volcado de memoria que podemos analizar con Volatility. Listamos los procesos en ejecución y nos encontramos con un Netcat:

0xfffffa800685b860 nc64.exe 1940 2304 2 72 1 0 2018-12-20 15:47:56 UTC+0000

Para obtener el […]

Dolphin singleClick option not working in XFCE4

Preamble

On an OpenSuse Leap GNU/Linux box, Dolphin’s singleClick option to open files and folders does not work if executing the file manager within an XFCE4 session. Instead, the user is forced to double-click every item to open it. Configuring the global KDE input settings does not help. Editing the ~./config/kdeglobals […]

Integrating the IHaveBeenPwned API into Linux PAM

Introduction

I was writing another 4-page article for Linux User and Developer about Public APIs when I came out with the idea of showing the readers how to leverage the IHaveBeenPwned API using a Linux PAM module. The idea was to use their new “Pwned Passwords API v2” with the K-Anonymity […]