In this part we’ll go through how to retrieve the flag directly from the binary. This should be easier than it is, but there are some eccentricities to the NodeMCU Lua compiler which break most of the tools out there. After spending some time trying various decompilers and attempting to get ChunkSpy to behave with the NodeMCU bytecode (if I can be bothered I might write up a post on said eccentricities at some point, but don’t hold your breath), I ended up doing the decompilation manually. It took a while but wasn’t particularly “hard”. The full annotated listing is in...
As promised, here’s a walkthrough for retrieving the Badge Flag from the Ruxcon 2017 HHV Badge. The easy way requires that you have the badge hardware up and running (though you could just load the firmware onto some random ESP8266 module for the same effect). If we connect to the UART port on the badge we see the following boot messages at startup. In this data we see: flag: cbd3f82962b3b38679fba0250f243c4c7dc5b8aa5ff403383f43de6e9dd2e23a32de120d62776077e2196c36ae0a330d. SWEEET! That was easy! Err, no… Typically for a CTF flag...
Only eight hours’ sleep across the weekend (gotta love insomnia…), but we’re done for another year. I was pretty happy with the level of engagement we saw at the Hardware Hacking Village this year; catering to a group like that is always a bit tough. You can find my slide deck, the badge and Simple Solder build docs, and the badge firmware at my Ruxcon 2017 HHV page. We handed out 111 of the “Simple Solder” kits across the course of the weekend, so we were pretty much spot on with the 120 that we ordered for (gotta say, really...
Part 2 - Configuring The IPSec Tunnel. First thing you’ll need to do is decide whether you’re going to use certificate-based or PSK authentication between the ends of the IPSec tunnel. If you decide on certificate-based auth, you’ll of course need some certificates; it’s your choice where you get them from. I created an internal CA on my local pfSense box and used that to issue the certificates for my tunnel. The next step is to configure IPSec Phase 1 (the configurations of each end of the IPSec tunnel are basically mirrors of each other, so I’ll only show...
Part 1 - Background and Approach. I posted a few days ago about my Adventures in IPv6, which was a brief summary of getting IPv6 connectivity via the Hurricane Electric free IPv6 Tunnel Broker service. In that post I remarked on some issues I had due to the fact that my tunnel was terminated in Japan; this series of posts will cover “The Next Generation”, where I basically set up a “personal” IPv6 Tunnel service. A quick note ahead of time: in my setup, I’m using pfSense on both ends of the tunnel. This is mainly...
So I was having a discussion on one of the boards I lurk on some weeks ago around IPv6, and that spurred me to finally pull my finger out and actually DO something about it (up until this point I’d basically been taking the “Ostrich” path of sticking my head in the sand and pretending it didn’t exist). My current provider has not deployed dual-stack to the edge, and all indications are that there will be significant costs involved in doing so (and they’ve recently been purchased by the biggest cheapskate in the ISP game, so I’m not going to...
So apparently I’m a muppet. I spent a while digging around in disassemblies of the client and server components, only to discover that the certificate file I dropped onto the KVM was in the wrong format… So, I grabbed another copy, renamed the files appropriately and restarted the webserver; lo and behold, it came up and is now presenting the correct certificate. Hallelujah. Next step: convince it to use that cert for the actual KVM bits. Easy enough: copy webserver.crt and webserverkey.pem to dserver.crt and dserverkey.pem respectively, restart kleserver, and it comes up and all is happy. Now it’s time...