Category: Other nerd pursuits

Registrations are back open for the next two meetups. Apologies for breaking them. Sometimes I have a nasty habit of not testing changes as a muggle.

I picked up this Altairduino unit back in 2017 or 2018 I think. The original came with a narrow bamboo case, and I ran into fitment issues and took a break from the project, although I had gotten the electronics portion working. At its core, the project uses an Arduino Due, and simulates the loading of 8″ floppies from files on a micro SD card.

Recently, a blue and white case was made available to simulate the original Altair 8800 case. It’s a bit deeper as well, and comes with an expansion board with a hardware terminal emulator, external serial port, VGA, PS2 keyboard socket, etc. I finally got around to put my Altairduino into a box.

Now I’m struggling with the serial port functionality and/or the SD card reader. But even without those, I can play kill-the-bit and pong with the switches and LEDs on the front panel.

Tonight I added Facebook and Twitter login via OAUTH. Facebook seems to work just fine, Twitter seems a bit weird but I’ll check it some more later. The idea is to give you folks the capability of logging in here without having to create and maintain a separate user ID. You are still welcome to do it that way, I’m just creating options.

I will work on event registration next.

Nobody has commented on the front page changes, so either:

1. Nobody goes to the front page, they just link here directly;
2. Nobody comes to the website at ALL;
3. Nobody can figure out how to get past it; or
4. Nobody gives a shit.

I’ll take any answer. As a part-time nihilist, none of this truly matters.

For tonight, I’m going back to looking at Arduino Due pinouts. I’m trying to diagnose a serial port issue.

So dumbass me, who only messes with CTFd in the week or so leading up to the monthly meeting, of course forgot the username and password for my administrator account on my CTFd server. [This is the server that keeps track of scores for people who have solved exploit challenges].

Of course the damn thing is in a Docker container, and everyone knows I’m a Docker n00b. But I’m determined, so I forge ahead.

I get into the docker container…

docker exec -it /bin/sh

I know it’s not running a database server, so I start poking around in the CTFd directory, and find ctfd.db, a sqlite database file. Jackpot.

I copy the file out of the docker container, because the sqlite command-line tools are not installed:

# docker cp (docker id):/opt/CTFd/CTFd/ctfd.db /tmp

At that point I just opened SQLite to it…

sqlite3 /tmp/ctfd.db

Let’s see what the schema looks like.

.schema

OK, so there’s a users table, but no admins table. Let’s look at users:

select * from users;

OK, there’s my admin account, now I know what the username was, it was one of the three I thought it would be. And there’s a column called “type” which seems to be either “user” or “admin” … The password column is encrypted, so that doesn’t help me.

So I register a new user in the web UI, give it a password, then go back to check my users table. Sure enough, there’s now an admin and a user. Let’s fix that.

update users set type=’admin’;

This would have been more finetuned had more users existed, but in my case there were no regular users but the one I created.

Back to the web UI, login as my new user, and sure enough, I have full admin rights. I don’t know what I was thinking or what I was drinking when I set that up the first time, but tragedy has been averted yet again.

And yes, I could have just rebuilt it, but all the flags for the vulnerable VMs are stored in it.

Someone mentioned this on Reddit, seems to be a great local privilege escalation resource for both Windows and Linux, including a .bat file which creates vulnerabilities on your (NON-INTERNET-FACING) Windows VM.

https://github.com/sagishahar/lpeworkshop

Video is for inspiration while you’re trying it out.

The September meetup is a week away. I know this is a long shot, but if anyone has working configs for ANYTHING involving a BladeRF X40 and 3G/4G, please bring it.

The lab did NOT burn down yesterday.

Anyone want to give a hashcat tutorial?

Happy Monday!

Pic unrelated.

If you’d like to help defray some of the expenses involved in running this group, please feel free to contribute to the GoFundMe for the CTF server, or contact [email protected] if you’d like to donate in some other way. I’d like to keep the meetings free and open for as long as possible, because so far, I like the people that attracts to the group.

I’m ready, are you? If you’re joining us in the group Hackerbox build, have you ordered one?

Still haven’t heard from anyone wanting to present, teach or learn something, so it’s likely to be the same chaotic meeting as usual, with the added lubrication of festive beverages.

The space is just about ready, and my back hurts from all the rearranging. No photos, I don’t want to spoil the surprise.

The PCBs for the MultiPass badges should be here early next week. Some will be available for purchase if you’re interested.

Reminders:

• This meeting is in my house. My house, my rules. Rule #1 is don’t be a dick. Respect the other attendees, respect the space, respect the equipment. I’d like everyone to feel safe, comfortable and welcomed. Make this great and the space will stay available. Make it suck, and we’ll be back at the library.
• Festive beverages are a thing here, but don’t be stupid about it, especially if you are driving. I’m not planning to serve food, but we could certainly go in on some delivery if folks get hungry. I will have some festive bevs on hand, but please feel free to BYOB.
• Please RSVP on the meetup page so that attendance can be planned/capped.
• Activities available: soldering station, including SMD tools; lock picking station; CTF server; fix my Mr. Robot badge;
• While there’s no “official time” for the meeting (there’s no “official meeting” and no “official business” to be conducted), the space will be open from 6pm until dispersal or midnight, whichever happens first. Signage will direct you where to go. Everything you need to know is on the Meetup page.