R4shSec

Note This only affects systemd v260+. Most Linux Operating Systems (OS) are alright as it comes with systemd v259. A Github Pull Request (PR) #40954 was made so the birthDate field is stored in the users JSON records. This has caused a lot of backlash on social media. Despite the backlash, the developers behind systemd didn’t remove it. How to remove it? # I made a GitHub repository with the previous age assurance changes reverted. r4shsec/systemd-no-age-verification This is systemd but without the age verification made via pull request https://github.com/systemd/systemd/pull/40978

How does Malaysia block websites? # Malaysian Internet Service Providers (ISPs) have mandatory compliance with the Malaysian Communications and Multimedia Commission (MCMC) to implement Domain Name Server (DNS) blocking. Tech-savvy Malaysians could check via doing a nslookup where it would redirect to a server (175.139.142.25). List of Websites Blocked # I tested a handful of websites with various categories. I also published my findings to my GitHub Gist. You can visualize the chart here. 45.45% — Gambling 34.66% — Adult Themed 7.95% — News Circumvention # You can bypass the Internet Service Provider (ISP) censorship via a third-party Domain Name Server (DNS) provider. Cloudflare DNS (1.1.1.1) Google DNS (8.8.8.8) OpenDNS (208.67.222.222) AdguardDNS (94.140.14.14) Family # If you’re concerned that your child may access unsafe websites, most third-party Domain Name Server (DNS) providers have a family plan where unsafe websites are blocked. Cloudflare Family Plan (1.1.1.3) AdguardDNS Family Plan (94.140.14.15) OpenDNS Family (208.67.222.123)

Introduction # Hey everyone 👋 — In this Capture The Flag (CTF), we’re told that a file is broken and we need to figure out how we could repair it. File # Looking at the file, we could see that it seems like it is a JFIF. The file itself can’t be opened. Editing The Hex Value # That’s weird! — Referring to a Wikipedia article, the file SOI segment must start with FF D8. However, this starts with 5C 78. Let’s change that! To edit the value, you could use hexedit: sudo apt install hexedit # Install hexedit file # Edit the file. REPLACE FILE WITH YOUR FILENAME We would use hexedit to edit the file value. Simply add FF D8. Boom! — You could write the file via ctrl+w to write and ctrl+x to quit. Flag 🚩 # Boom! — We could now see the flag!

This is a writeup about picoCTF, picoMini by CMU-Africa, Crack the Gate 1.

Introduction # Hey everyone 👋 — In this Capture The Flag (CTF) task, we’re told to analyze a large log file with something hidden within. Analyzing The File # The file seems like it’s encoded in base64. I would run a command to decode it. cat logs.txt | base64 -d > logs_decoded.txt Decoded File # As we can see, the decoded log file seems like it’s actually a .PNG. View # Looking at this .png file, we can see that a long string appears. Extracting & Decoding Strings # Google offers great Optical Character Recognition (OCR) technology. It allows us to copy the string which is: 7069636F43544678666F72656E736963735F616E616C797369735F69735F616D617A696E675F61633165333538347D We can drop it in MagicChef using the Magic recipe. It would return the result from Hex. Flag 🚩 # picoCTF{forensics_analysis_is_amazing_ac1e3584}