Publishing Site osusec.org at 9200a88 on Tue Mar 12 20:04:26 UTC 2024

Author: cacama-valvata

blog/index.html

@@ -1,5 +1,7 @@
 <?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Blog on OSU Security Club</title><link>https://osusec.org/blog/</link><description>Recent content in Blog on OSU Security Club</description><generator>Hugo -- gohugo.io</generator><language>en-us</language><lastBuildDate>Sun, 03 Mar 2024 19:05:41 -0800</lastBuildDate><atom:link href="https://osusec.org/blog/index.xml" rel="self" type="application/rss+xml"/><item><title>Electronic Frontier Alliance</title><link>https://osusec.org/blog/electronic_frontier_alliance/</link><pubDate>Sun, 03 Mar 2024 19:05:41 -0800</pubDate><guid>https://osusec.org/blog/electronic_frontier_alliance/</guid><description>As OSUSEC moves into 2024 and beyond, we are taking a closer look at how our actions shape the world around us. Because of this, we are choosing to endorse the Electronic Frontier Alliance&amp;rsquo;s five core principles:
-Free Expression Security Privacy Creativity Access to Knowledge We believe that advances in technology, and specifically cybersecurity, can be a critical tool in making people&amp;rsquo;s lives better. But in equal measure, it can be a tool to stifle the human spirit.</description></item><item><title>Meeting 11/08/23</title><link>https://osusec.org/blog/meeting-11-08-23/</link><pubDate>Thu, 09 Nov 2023 10:10:33 -0800</pubDate><guid>https://osusec.org/blog/meeting-11-08-23/</guid><description>Ni Haowdy members!
+Free Expression Security Privacy Creativity Access to Knowledge We believe that advances in technology, and specifically cybersecurity, can be a critical tool in making people&amp;rsquo;s lives better. But in equal measure, it can be a tool to stifle the human spirit.</description></item><item><title>How I Approach pwn Challenges</title><link>https://osusec.org/blog/jonathans-workflow/</link><pubDate>Wed, 24 Jan 2024 22:25:26 -0700</pubDate><guid>https://osusec.org/blog/jonathans-workflow/</guid><description>The below write-up was posted in our internal CTF League discord server. Replicated here for posterity.
+Generally, my process for a pwn challenge is:
+1. Recon Figure out what kind of program you&amp;rsquo;re dealing with &amp;ndash; run file to see what kind of binary it is, maybe checksec to see what kind of security measures it has, figure out how to get it to run on your system Run the program a few times as a user, just so you can be familiar with what it does.</description></item><item><title>Meeting 11/08/23</title><link>https://osusec.org/blog/meeting-11-08-23/</link><pubDate>Thu, 09 Nov 2023 10:10:33 -0800</pubDate><guid>https://osusec.org/blog/meeting-11-08-23/</guid><description>Ni Haowdy members!
 Last night, we had our first lockpicking meeting of the school year! Zane led us through an introduction to lockpicking and the various locks we have. Lockpicking is a great outlet for puzzle-solving as well as a practical tool if you are ever locked out of our apartment :)
 We will continue to have lockpicking meetings throughout the year, so keep an eye out for the next one!</description></item><item><title>Cyberforce 2023</title><link>https://osusec.org/blog/cyberforce-2023/</link><pubDate>Tue, 07 Nov 2023 10:10:16 -0800</pubDate><guid>https://osusec.org/blog/cyberforce-2023/</guid><description>Last weekend, OSUSEC&amp;rsquo;s cyberdefense team flew out to Chicago to compete in the Department of Energy&amp;rsquo;s Cyberforce Competition! For 4 out of 6 members of the team, this was their very first time in a cyberdefense competition, and they absolutely rocked it! The team trained on Industrial Control Systems, system administration, and incident response in preparation, and came away with 15th out of 95 teams!
 Thank you for everyone who helped put on Cyberforce.</description></item><item><title>Meeting 11/01/23</title><link>https://osusec.org/blog/meeting-11-01-23/</link><pubDate>Thu, 02 Nov 2023 10:10:30 -0800</pubDate><guid>https://osusec.org/blog/meeting-11-01-23/</guid><description>Happy start of winter, members!

blog/index.xml

@@ -1,4 +1,4 @@
 <!doctype html><html lang=en><head><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><link href=https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css rel=stylesheet integrity=sha384-rbsA2VBKQhggwzxH7pPCaAqO46MgnOM80zW1RWuH61DGLwZJEdK2Kadq2F9CUG65 crossorigin=anonymous><script src=https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js integrity=sha384-kenU1KFdBIe4zVF0s0G1M5b4hcpxyD9F7jL+jjXkk+Q2h455rYXK/7HAuoJl+0I4 crossorigin=anonymous></script>
 <link rel=preconnect href=https://fonts.googleapis.com><link rel=preconnect href=https://fonts.gstatic.com crossorigin><link href="https://fonts.googleapis.com/css2?family=Mulish:wght@300;600;800&family=Open+Sans:wght@400;600&display=swap" rel=stylesheet><link rel=stylesheet href=https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css integrity="sha512-q3eWabyZPc1XTCmF+8/LuE1ozpg5xxn7iO89yfSOd5/oKvyqLngoNGsx8jq92Y8eXJ/IRxQbEC+FGSYxtk2oiw==" crossorigin=anonymous referrerpolicy=no-referrer><link rel=stylesheet href=https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/solid.min.css integrity="sha512-LopA1sokwAW/FNZdP+/5q8MGyb9CojL1LTz8JMyu/8YZ8XaCDn1EOm6L7RWIIOHRM7K4jwnHuOmyLZeeeYxSOA==" crossorigin=anonymous referrerpolicy=no-referrer><link rel=stylesheet href=/caseyhates.css><title>Categories | OSU Security Club</title></head><body id=background-img style=background-image:url(/categories.jpg);background-position:50%><nav class="navbar navbar-expand-lg px-lg-5 py-lg-2 fixed-top topbar bg-light"><div class="container-fluid flex-nowrap px-lg-5"><a class=navbar-brand href=/><img src=/osusec-banner.png class=img-fluid alt=OSUSEC width=450px></a>
 <button class=navbar-toggler type=button data-bs-toggle=collapse data-bs-target=#navbarSupportedContent aria-controls=navbarSupportedContent aria-expanded=false aria-label="Toggle navigation">
-<span class=navbar-toggler-icon></span></button><div class="collapse navbar-collapse" id=navbarSupportedContent><ul class="navbar-nav me-auto mb-2 mb-lg-0"></ul><ul class="navbar-nav d-flex mb-2 mb-lg-0"><li class="nav-item px-1"><a class="nav-link highlight-orange-nav" href=/>Home</a></li><li class="nav-item px-1 dropdown"><a class="nav-link text-black dropdown-toggle" href=# role=button data-bs-toggle=dropdown aria-expanded=false>About</a><ul class=dropdown-menu><li><a class="dropdown-item topbar topbar-drop shadow-none" href=/about/>Who We Are</a></li><li><a class="dropdown-item topbar topbar-drop shadow-none" href=/club-constitution/>Club Constitution</a></li></ul></li><li class="nav-item px-1"><a class="nav-link highlight-orange-nav" href=/calendar/>Calendar</a></li><li class="nav-item px-1"><a class="nav-link highlight-orange-nav" href=/blog/>Blog</a></li><li class="nav-item px-1"><a class="nav-link highlight-orange-nav" href=/ctf-league/>CTF League</a></li><li class="nav-item px-1"><a class="nav-link highlight-orange-nav" href=/accomplishments/>Accomplishments</a></li><li class="nav-item px-1"><a class="nav-link highlight-orange-nav" href=/resources/>Resources</a></li></ul></div></div></nav><main id=main><div id=home-jumbotron class="jumbotron text-center hero-content infopage-hero d-flex flex-column justify-content-center"><h1 class="hero-title py-1">Categories</h1></div><div class="bg-light justify-content-center infopage-content" style=min-height:60vh><div class="blogcards d-flex flex-wrap justify-content-center"><div class="blogcard-each mx-2 my-2"><a href=/categories/uncategorized/><img src=/categories/uncategorized.jpg alt class=blogcard-img></a><div class="blogcard-content py-4 px-4"><a href=/categories/uncategorized/ class=blogcard-title><h4 class=blogcard-title>Uncategorized</h4></a><time datetime=0001-01-01>Jan 1, 0001</time><p></p><p><a href=/categories/uncategorized/><span style=text-decoration:underline>Read More</span><i class="fas fa-angle-double-right"></i></a></p></div></div><div class="blogcard-each mx-2 my-2"><a href=/categories/writeups/><img src=/categories/writeups.jpg alt class=blogcard-img></a><div class="blogcard-content py-4 px-4"><a href=/categories/writeups/ class=blogcard-title><h4 class=blogcard-title>Writeups</h4></a><time datetime=0001-01-01>Jan 1, 0001</time><p></p><p><a href=/categories/writeups/><span style=text-decoration:underline>Read More</span><i class="fas fa-angle-double-right"></i></a></p></div></div><div class="blogcard-each mx-2 my-2"><a href=/categories/meeting-notes/><img src=/categories/meeting-notes.jpg alt class=blogcard-img></a><div class="blogcard-content py-4 px-4"><a href=/categories/meeting-notes/ class=blogcard-title><h4 class=blogcard-title>Meeting Notes</h4></a><time datetime=0001-01-01>Jan 1, 0001</time><p></p><p><a href=/categories/meeting-notes/><span style=text-decoration:underline>Read More</span><i class="fas fa-angle-double-right"></i></a></p></div></div><div class="blogcard-each mx-2 my-2"><a href=/categories/club-news/><img src=/categories/club-news.jpg alt class=blogcard-img></a><div class="blogcard-content py-4 px-4"><a href=/categories/club-news/ class=blogcard-title><h4 class=blogcard-title>Club News</h4></a><time datetime=0001-01-01>Jan 1, 0001</time><p></p><p><a href=/categories/club-news/><span style=text-decoration:underline>Read More</span><i class="fas fa-angle-double-right"></i></a></p></div></div></div></div></main><footer class="border-top py-4 bg-light"><div class="text-muted text-center"><p>© 2023 OSU Security Club.</p><p>Contact us at: <a href=mailto:[email protected] class="text-reset text-decoration-none fw-bold">[email protected]</a></p></div></footer></body></html>
+<span class=navbar-toggler-icon></span></button><div class="collapse navbar-collapse" id=navbarSupportedContent><ul class="navbar-nav me-auto mb-2 mb-lg-0"></ul><ul class="navbar-nav d-flex mb-2 mb-lg-0"><li class="nav-item px-1"><a class="nav-link highlight-orange-nav" href=/>Home</a></li><li class="nav-item px-1 dropdown"><a class="nav-link text-black dropdown-toggle" href=# role=button data-bs-toggle=dropdown aria-expanded=false>About</a><ul class=dropdown-menu><li><a class="dropdown-item topbar topbar-drop shadow-none" href=/about/>Who We Are</a></li><li><a class="dropdown-item topbar topbar-drop shadow-none" href=/club-constitution/>Club Constitution</a></li></ul></li><li class="nav-item px-1"><a class="nav-link highlight-orange-nav" href=/calendar/>Calendar</a></li><li class="nav-item px-1"><a class="nav-link highlight-orange-nav" href=/blog/>Blog</a></li><li class="nav-item px-1"><a class="nav-link highlight-orange-nav" href=/ctf-league/>CTF League</a></li><li class="nav-item px-1"><a class="nav-link highlight-orange-nav" href=/accomplishments/>Accomplishments</a></li><li class="nav-item px-1"><a class="nav-link highlight-orange-nav" href=/resources/>Resources</a></li></ul></div></div></nav><main id=main><div id=home-jumbotron class="jumbotron text-center hero-content infopage-hero d-flex flex-column justify-content-center"><h1 class="hero-title py-1">Categories</h1></div><div class="bg-light justify-content-center infopage-content" style=min-height:60vh><div class="blogcards d-flex flex-wrap justify-content-center"><div class="blogcard-each mx-2 my-2"><a href=/categories/uncategorized/><img src=/categories/uncategorized.jpg alt class=blogcard-img></a><div class="blogcard-content py-4 px-4"><a href=/categories/uncategorized/ class=blogcard-title><h4 class=blogcard-title>Uncategorized</h4></a><time datetime=0001-01-01>Jan 1, 0001</time><p></p><p><a href=/categories/uncategorized/><span style=text-decoration:underline>Read More</span><i class="fas fa-angle-double-right"></i></a></p></div></div><div class="blogcard-each mx-2 my-2"><a href=/categories/meeting-notes/><img src=/categories/meeting-notes.jpg alt class=blogcard-img></a><div class="blogcard-content py-4 px-4"><a href=/categories/meeting-notes/ class=blogcard-title><h4 class=blogcard-title>Meeting Notes</h4></a><time datetime=0001-01-01>Jan 1, 0001</time><p></p><p><a href=/categories/meeting-notes/><span style=text-decoration:underline>Read More</span><i class="fas fa-angle-double-right"></i></a></p></div></div><div class="blogcard-each mx-2 my-2"><a href=/categories/writeups/><img src=/categories/writeups.jpg alt class=blogcard-img></a><div class="blogcard-content py-4 px-4"><a href=/categories/writeups/ class=blogcard-title><h4 class=blogcard-title>Writeups</h4></a><time datetime=0001-01-01>Jan 1, 0001</time><p></p><p><a href=/categories/writeups/><span style=text-decoration:underline>Read More</span><i class="fas fa-angle-double-right"></i></a></p></div></div><div class="blogcard-each mx-2 my-2"><a href=/categories/club-news/><img src=/categories/club-news.jpg alt class=blogcard-img></a><div class="blogcard-content py-4 px-4"><a href=/categories/club-news/ class=blogcard-title><h4 class=blogcard-title>Club News</h4></a><time datetime=0001-01-01>Jan 1, 0001</time><p></p><p><a href=/categories/club-news/><span style=text-decoration:underline>Read More</span><i class="fas fa-angle-double-right"></i></a></p></div></div></div></div></main><footer class="border-top py-4 bg-light"><div class="text-muted text-center"><p>© 2023 OSU Security Club.</p><p>Contact us at: <a href=mailto:[email protected] class="text-reset text-decoration-none fw-bold">[email protected]</a></p></div></footer></body></html>

blog/jonathans-workflow/index.html

@@ -1 +1 @@
-<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Categories on OSU Security Club</title><link>https://osusec.org/categories/</link><description>Recent content in Categories on OSU Security Club</description><generator>Hugo -- gohugo.io</generator><language>en-us</language><lastBuildDate>Sun, 03 Mar 2024 19:05:41 -0800</lastBuildDate><atom:link href="https://osusec.org/categories/index.xml" rel="self" type="application/rss+xml"/><item><title>Club News</title><link>https://osusec.org/categories/club-news/</link><pubDate>Sun, 03 Mar 2024 19:05:41 -0800</pubDate><guid>https://osusec.org/categories/club-news/</guid><description/></item><item><title>Meeting Notes</title><link>https://osusec.org/categories/meeting-notes/</link><pubDate>Thu, 09 Nov 2023 10:10:33 -0800</pubDate><guid>https://osusec.org/categories/meeting-notes/</guid><description/></item><item><title>Writeups</title><link>https://osusec.org/categories/writeups/</link><pubDate>Tue, 02 Feb 2021 00:00:00 -0700</pubDate><guid>https://osusec.org/categories/writeups/</guid><description/></item><item><title>Uncategorized</title><link>https://osusec.org/categories/uncategorized/</link><pubDate>Sat, 22 Feb 2020 00:00:00 -0700</pubDate><guid>https://osusec.org/categories/uncategorized/</guid><description/></item></channel></rss>
+<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Categories on OSU Security Club</title><link>https://osusec.org/categories/</link><description>Recent content in Categories on OSU Security Club</description><generator>Hugo -- gohugo.io</generator><language>en-us</language><lastBuildDate>Sun, 03 Mar 2024 19:05:41 -0800</lastBuildDate><atom:link href="https://osusec.org/categories/index.xml" rel="self" type="application/rss+xml"/><item><title>Club News</title><link>https://osusec.org/categories/club-news/</link><pubDate>Sun, 03 Mar 2024 19:05:41 -0800</pubDate><guid>https://osusec.org/categories/club-news/</guid><description/></item><item><title>Writeups</title><link>https://osusec.org/categories/writeups/</link><pubDate>Wed, 24 Jan 2024 22:25:26 -0700</pubDate><guid>https://osusec.org/categories/writeups/</guid><description/></item><item><title>Meeting Notes</title><link>https://osusec.org/categories/meeting-notes/</link><pubDate>Thu, 09 Nov 2023 10:10:33 -0800</pubDate><guid>https://osusec.org/categories/meeting-notes/</guid><description/></item><item><title>Uncategorized</title><link>https://osusec.org/categories/uncategorized/</link><pubDate>Sat, 22 Feb 2020 00:00:00 -0700</pubDate><guid>https://osusec.org/categories/uncategorized/</guid><description/></item></channel></rss>

categories/index.html

@@ -1,4 +1,6 @@
-<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Writeups on OSU Security Club</title><link>https://osusec.org/categories/writeups/</link><description>Recent content in Writeups on OSU Security Club</description><generator>Hugo -- gohugo.io</generator><language>en-us</language><lastBuildDate>Tue, 02 Feb 2021 00:00:00 -0700</lastBuildDate><atom:link href="https://osusec.org/categories/writeups/index.xml" rel="self" type="application/rss+xml"/><item><title>0x41414141 CTF - 0x414141</title><link>https://osusec.org/blog/0x41414141-ctf-0x414141/</link><pubDate>Tue, 02 Feb 2021 00:00:00 -0700</pubDate><guid>https://osusec.org/blog/0x41414141-ctf-0x414141/</guid><description>Prompt I think offshift promised to opensource some of their code
+<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Writeups on OSU Security Club</title><link>https://osusec.org/categories/writeups/</link><description>Recent content in Writeups on OSU Security Club</description><generator>Hugo -- gohugo.io</generator><language>en-us</language><lastBuildDate>Wed, 24 Jan 2024 22:25:26 -0700</lastBuildDate><atom:link href="https://osusec.org/categories/writeups/index.xml" rel="self" type="application/rss+xml"/><item><title>How I Approach pwn Challenges</title><link>https://osusec.org/blog/jonathans-workflow/</link><pubDate>Wed, 24 Jan 2024 22:25:26 -0700</pubDate><guid>https://osusec.org/blog/jonathans-workflow/</guid><description>The below write-up was posted in our internal CTF League discord server. Replicated here for posterity.
+Generally, my process for a pwn challenge is:
+1. Recon Figure out what kind of program you&amp;rsquo;re dealing with &amp;ndash; run file to see what kind of binary it is, maybe checksec to see what kind of security measures it has, figure out how to get it to run on your system Run the program a few times as a user, just so you can be familiar with what it does.</description></item><item><title>0x41414141 CTF - 0x414141</title><link>https://osusec.org/blog/0x41414141-ctf-0x414141/</link><pubDate>Tue, 02 Feb 2021 00:00:00 -0700</pubDate><guid>https://osusec.org/blog/0x41414141-ctf-0x414141/</guid><description>Prompt I think offshift promised to opensource some of their code
 author: notforsale
 Solution First off, we navigate to the offshift-dev github account, linked from the offshift site. Unfortunately, nothing there. Searching google for “offshift github” brings us to a different github with a single suspicious repository. This has two commits, one where files are uploaded, and one in which the _pycache_ folder is deleted. That folder sounds interesting, so we clone the repository, and checkout the commit where the files were added:</description></item><item><title>Crowdstrike Adversary Quest - Much Sad</title><link>https://osusec.org/blog/crowdstrike-adversary-quest-much-sad/</link><pubDate>Tue, 02 Feb 2021 00:00:00 -0700</pubDate><guid>https://osusec.org/blog/crowdstrike-adversary-quest-much-sad/</guid><description>Prompt We have received some information that CATAPULT SPIDER has encrypted a client’s cat pictures and successfully extorted them for a ransom of 1337 Dogecoin. The client has provided the ransom note, is there any way for you to gather more information about the adversary’s online presence?
 NOTE: Flags will be easily identifiable by following the format CS{some_secret_flag_text}. They must be submitted in full, including the CS{ and } parts.</description></item><item><title>BSidesPDX - Down the Rabbit Hole</title><link>https://osusec.org/blog/bsidespdx-down-the-rabbit-hole/</link><pubDate>Sun, 25 Oct 2020 00:00:00 -0700</pubDate><guid>https://osusec.org/blog/bsidespdx-down-the-rabbit-hole/</guid><description>Prompt Category: Over The Air