CTF – Thice.nl

Lockpick sets and locks

Cheap ~$5 set from China:Â

Basic set for a cheap price. It is recommended to smooth the picks a bit with sandpaper.

https://www.dx.com/p/stainless-steel-hook-lock-pick-set-silver-black-14-piece-pack-2015582

Decent ~$10 set from China

A larger basic set for a nice price. It is recommended to smooth the picks a bit with sandpaper.

https://www.dx.com/p/stainless-steel-hook-lock-pick-set-silver-black-22pcs-2078055

Decent ~$20 set from China

Decent set for a decent price. It is recommended to smooth the picks a bit with sandpaper.

https://www.banggood.com/12Pcs-High-Quality-Lock-Picks-Tools-Set-Lock-Opener-Locksmith-Tools-p-1139437.html?cur_warehouse=CN

Best price/quality set (~$30, US + shipping)

“Tremendous Twelve Toolkit”, a very nice set made by Toool.

https://toool.us/equipment.html

Tension tools

Cheap set of tension tools from China (~$10)

https://nl.aliexpress.com/item/DANIU-14pcs-Tension-Wrench-Push-Rod-Rotating-Rod-Tools-Lock-Pick-Tools-Set/32959647828.html

Review: https://www.youtube.com/watch?v=V8KfWPKMuc8

Create your own tension tools from wiperblades: https://www.youtube.com/watch?v=FrSl3H81I2Q

Feelers

To create feelers to feel inside combination locks you can buy a set of cheap key extractors and smooth the ends (file and sand off the hooks):

https://nl.aliexpress.com/item/12-PCS-Fold-Pick-Tool-Broken-Key-Remove-Auto-Locksmith-Tool-Key-Extractor-Set-Lock-Hardware/32823212690.html

See through locks

For beginners, great to understand how a lock works. Easily picked.

Look around the site for the best prices, but keep in mind the difference in quality and that the padlocks come in two different sizes.

Practice Locks from Sparrows

Very good practice locks:

Review: https://www.youtube.com/watch?v=j089_yM1Beo

https://www.sparrowslockpicks.com/product_p/qreload.htm

Review: https://www.youtube.com/watch?v=_NpcTyJADqY

Lock Disassembly Tool

To take apart and rebuild locks:

https://www.banggood.com/DANIU-Professional-12-in-1-HUK-Lock-Disassembly-Tool-Locksmith-Tools-Kit-p-921171.html

Review: https://www.youtube.com/watch?v=O4nFHmbIvAs

Books

I recommend the following books about lockpicking:

Visual Guide to Lock Picking, Mark McCloud (note: Be sure to buy the latest edition, which at the moment seems to be the 3rd edition)
Practical Lock Picking, Deviant Ollam
Keys to the Kingdom, Deviant Ollam

Youtube

I recommend the following YouTube channels about lockpicking:

TOOOL

Toool is the The Open Organisation Of Lockpickers:

https://toool.nl/

Â

During the Hack in the Box Amsterdam 2015 conference (28,29 May 2015) we participated for the 3rd time in a row with team Hack.ERS in the CTF game. Once again the team included both me and GijsÂ from the Eindbazen team andÂ RileyÂ as the 3rd player. Multiple other Eindbazen members organized the CTF just as in the past years. This write-up contains some of the challenges we solved during the CTF, I only created write-ups of the challenges for which I had enough notes, but I did include the challenge descriptions and files for all the challenges where possible.

We ended on the 3rd place with the same amount of points as the second place (but just slightly later submitted the last solve). Which results in getting a top 3 position for 3 years in a row (2nd in 2013, 1st in 2014)

Continue reading “HitB 2015 CTF write ups”

ASIS CTF 2015 write-ups

CTF13/05/2015

Last weekend ASIS CTF took place and we (the Eindbazen team) spend some hours playing it. While we did not play the whole weekend we did solve some of the challenges. Since I enjoyed the challenges I worked on I decided to create these write-ups of them.

Header

Continue reading “ASIS CTF 2015 write-ups”

HitB 2014 CTF write ups

Code, CTF23/01/2015

During the Hack in the Box Amsterdam 2014 conference we participated with the Hack.ERS team of Deloitte in the CTF game. The team included both me and Gijs from the Eindbazen team, while multiple other Eindbazen members organized the CTF. While this might sounds weird it actually meant that the organizing Eindbazen really liked to see us squirm while working on the challenges they created.

This write-up contains some of the challenges we solved during the CTF, I only created write-ups of the challenges for which I had enough notes.

Continue reading “HitB 2014 CTF write ups”

Eindbazen ebCTF write-ups

Code, CTF21/01/2015

With theÂ Eindbazen CTF team, weÂ hosted the CTF (ebCTF) during the hackers eventÂ OHM2013. To generate some awareness about the CTF and OHM2013 event we also held a Teaser round some time before it. Besides full-filling an organizers role I also created multiple challenges for both the teaser round and the CTF.Â For the teaser round I created the challenges BIN100 and FOR100, and for the main CTF I created the challenges BIN100 (together with asby), BIN200, BIN400 and NET400 (together with the NFI). This write-upÂ contains the solutions, background info and source codes of the challenges I have worked on. Feel free to use anything from this write-up including source codes, as long as it is for non-commercial usage and please provide credits were appropriate. For commercial usage, please contact me to discuss.

Continue reading “Eindbazen ebCTF write-ups”

Meaningful MD5 Collisions: Creating executables

Code, CTF, Forensics, Malware19/01/2015

More than two years ago I worked on meaningful MD5 collisions, especially creating executables files, but I never finished my write up about this until now (hurray for having a sabbatical 😉 ). The idea behind this project was to create multiple executables with the same MD5, but with different behavior. I ended up creating a Perl script which enables you to create a simple skeleton source code which you can use as a basis for your own code, after compilation you can use the same Perl script to create the multiple executables with different behavior. This project does not show a new way to create MD5 collisions, but makes it easy to exploit the weakness by creating executables with MD5 collisions.Â I based my project on existing research such as HashClash, and used fastcollÂ to create the collisions. For further information about MD5 collisions, I would like to refer to HashClash.

The MD5 collision executables can potentially be a security issue for MD5 whitelisting, which is still used by some security products. An attacker could potentially first send an executable which is considered safe and then its counterpart which is evil. Since the files will have the same MD5 hash value the first file will have the second file white-listed. The files could further have impact on products which use MD5 hash values to uniquely identify files, such as certain forensics software.

The whole project was inspired by my firstÂ MD5 collision experience while playing SmashTheStackÂ IOÂ and by forensicÂ products using MD5 hash values as unique identifiers for files.

Continue reading “Meaningful MD5 Collisions: Creating executables”

Swiss Cyber Storm write-up 3: Social Challenge

CTF06/10/2011

This long delayed article is a write-up of the Swiss Cyber Storm Social Challenge which took place on May 14, 2011. Because of lack of time I simply did not finish this article earlier, however since I really enjoyed the challenge I decided to release it anyways, even though it is a bit dated now.

Continue reading “Swiss Cyber Storm write-up 3: Social Challenge”

Creating ACK-GET packets with scapy

Code, CTF06/06/2011

During the recent Defcon 19 CTF pre-qualifications, one of the challenges included to connect ‘quicker’ to a web server. While figuring out what the solution was for this challenge one of the things I tried was to send the HTTP GET request already in the TCP handshake stage. Sadly enough this had nothing to do with the real solution of this case, the real solution was making use of SPDY to connect to the server, this is also explained by one of the other teams in a write up here. However it was a nice exercise to create packets with scapy again and since I could not find a lot of information on the topic I decided to create this short write up on the topic.

Continue reading “Creating ACK-GET packets with scapy”

Swiss Cyber Storm write-up 2: CarGame Challenge 5

CTF25/05/2011

This article is a write-up of the Swiss Cyber Storm CarGame Challenge 5 (March/April 2011). For more info on the Swiss Cyber Storm Conference please check my post about the conference here.

I only joined the CarGame in level 4 (my write-up for level 4 can be found here), which meant I could not qualify any more to play the CarGame challenge during the conference. However since the challenges seemed fun I did the last two CarGame challenges anyway. The number and title of this challenge were:

7035 CarGame Challenge #5

I submitted my solution and it was accepted by the organisation, however I do not know if this was the solution the organisation expected and if any other participants have other solutions.

Continue reading “Swiss Cyber Storm write-up 2: CarGame Challenge 5”

Swiss Cyber Storm write-up 1: CarGame Challenge 4

CTF24/05/2011

This article is a write-up of the Swiss Cyber Storm CarGame Challenge 4 (February 2011). For more info on the Swiss Cyber Storm Conference please check my post about the conference here.

I only joined the CarGame in level 4, which meant I could not qualify any more to play the CarGame challenge during the conference. However since the challenges seemed fun I did the last two CarGame challenges anyway. The number and title of this challenge were:

7031 Gain Windows Domain Admin Privileges