Defkthon CTF - Misc 200 - Writeup

Given a text file of 61366 lines with each line having values similar to

255,255,255
255,255,255
237,130,48
215,140,82
255,243,207
255,251,237

etc.

Microsoft Hackcon CTF - Challenge 8 - Email Harvesting

The question was to find all the emails of the given site. The initial page of the site showed just a link, a link to another page. That page contained 2 links both leading to 2 different pages. From that point on wards each page showed 2 different links to 2 other pages and so on. The 11th level of page showed one email id.

From this style of information, we could deduce that the arrangement is similar to that of a binary tree. Since the page at the 11th level showed the email address, there would be 2^10 ie., 1024 email ids. So we needed to design a version of binary tree traversal algorithm to get all the email ids.

Same Origin Policy and JSONP

Some days back, I was developing a mobile application that needed communication with the server. Since I was learning about node.js, I decided to give it a try and make the web app in node. Earlier I used J2EE Servlets, which seems fairly simple, but very heavyweight for my educational projects. So, I thought node.js will be a lightweight substitute. Also, I was not using the native mobile application development to develop the app on android. I was using Phonegap to make a HTML-CSS-JS based app, and used jQuery mobile to do the JS part. So I thought if I opted for node.js on server side, it will be an all Javascript project which seemed like fun.

As I started and tried to do the basic things I always try out first - Send something from client to server, do something with the data, Send back something to the client, display it - I was addressing a new problem that I was not familiar with - Same Origin Policy.

Event Driven Asynchronous Callbacks in node.js

In J2EE Servlets, which I previously used for web application development, each request is handled by a separate java thread. The whole requests runs on that thread unless we create a new thread to do things inside it. PHP also does work in a similar way. But node is quite different in this. Node works as a single process. If there is a slow part somewhere in the program, then the whole process will be slow, and no other requests will be taken up in the meantime. This may be heard as a very big disadvantage, but there is a workaround that makes node.js advantageous over others. That is by using Event Driven Asynchronous Callbacks.

A newbie's path to web application development using node.js

Javascript have always amazed me. It has a unique talent of doing complex things in a very easy manner, proved by the amazing jQuery. Some time ago, I had struggled to do pretty much everything related to web and mobile app development, but javascript have done me a lot of help. I used jQuery mobile with Phonegap to build my small android applications with considerable less amount of time compared to what I used to take when I was using its traditional coding way. Occasionally, I also had to create some backend web applications for my mobile app to communicate, for which I studied some basics of J2EE Servlets. My applications needed only the basic things, just a web server to communicate with and do some database operations. Presently, a friend of mine asked me to help him out with his academic project and was looking forward on creating another web app backend with J2EE, I stumbled upon node.js. I knew it could do what I want and better with a lot less effort. So I thought I would give it a try, and here I am blogging as I study more about node.js

Using Firebug Firefox Extension to manipulate cookie headers

Sure, You can always use webscrap for manipulating HTTP Request, But this method is a lot simpler.

Steps:
1. Install the Firebug plugin for firefox
2. Open it, the icon will be there at the top right corner.

Python: Working with ASCII

Converting text to ASCII and ASCII to text can be done with ease by python.

Conversion from Text (single character) to ASCII can be done by ord() function and the reverse by chr() function

Example:
>>> ord("A")
65
>>> chr(65)
'A'
>>> ord(":")
58
>>> chr(77)
'M'