security

There is a big difference between “Being Secure” and “Feeling Secure”. Far too often even security professionals (financial, physical, computer, or any other) lean towards “feeling secure” rather than actually “being secure” because “being secure” is very very hard, if not impossible. Feeling Secure is a feeling in your gut that you’ve done all you can think of and covered every base (that you know about). You have used every little trick you know about, even if you don’t know how or why it works.
Read more →
Again, the fifth challenge is a zip file: 01E1B7BCFB39B4A666475991AF11C5762A489F9395C48B4E156526E1C6E4573F. But I have to first admit that I solved this one third, not fifth… in fact, I got a message when I tried to submit the fifth challenge solution early that I had to do them in order. How did I do them out of order, you ask?
Read more →
Ok, so the fourth challenge is again a zip file (hash: 1A2570D5CC6E2C3A185E939DC49CB4B908B867E02AC84BF7ABB532B3395FB01A) and it contains a file fun.docm (hash: 4AE794A701D2F28BA7E6292F0463444F6A567CB7C26188A518270544252877FB). Now the first thing you need to know about the newer Office file formats is that they are all zip files. So yes, a DOCM and an XLSX and a PPTX, etc. are all ZIP files with various content pieces inside (see here for other zip-based documents).
Read more →
So we get the third zip file, which contains a file named “gooby.pdf” (hash: 3FB332A27A28AF95187F45D79EC8A08ADEF1A4AAD0D4DDD26B832A15CE9DB91A). Well, now we need to turn to PDF tools. I admit that I’m not as well versed with the internal structures of PDFs as I am with Office documents, but their structure is also simpler. So I first tried PDFStreamDumper by David Zimmer, but it didn’t see the JavaScript initially.
Read more →
So we solved the first document and then they give us this… Document #2 (hash: ACCDF64EB1E96BE5A7C5F23DB6A74B88869E4F6C3B46D41F80B3063BF79AD05E). So again, run it through the FileId tool and get the VBA code out (using the XML or JSON output options).

    Sub AutoOpen()
    '
    ' crackme Macro
    '
    '
        UserForm1.Show
    End Sub

and

    Private Sub button_Click()
        x = suchcrypto(key.Text, "General Vidal")
        If x = "171,184,42,184,88,26,47,154,20,219,203,130,52,19,180,214,156,94,186,74,30,248,119,235,139,130,175,141,179,197,8,204,252," Then
            MsgBox "Wow.
Read more →
On 2016-07-15 at 5pm EST Palo Alto Networks started a Capture the Flag competition with cash prizes called PAN Labyrenth CTF. When I looked at the challenges I noticed that there was a Documents track, and since there was a cash prize to the first person to complete a given track I thought I’d give it a go... hey, $1000 for a few hours is not bad. It only took me a few hours (actually more than I intended because I got stuck overthinking one of the problems), but I don’t think I was the first one to complete the track.
Read more →
From Schneier on Security - My Reaction to Eric Schmidt: Too many wrongly characterize the debate as “security versus privacy.” The real choice is liberty versus control. Tyranny, whether it arises under threat of foreign physical attack or under constant domestic authoritative scrutiny, is still tyranny. Liberty requires security without intrusion, security plus privacy. Widespread police surveillance is the very definition of a police state. And that’s why we should champion privacy even when we have nothing to hide.
Read more →