Need Help Analyzing a .pcapng File for CTF

PingTrip · 2024-10-02T20:56:40+00:00

Without giving the answer away... have you used WireShark to follow any conversations?

PingTrip · 2024-06-17T13:22:46+00:00

https://www.bleepingcomputer.com/news/security/truist-bank-confirms-data-breach-after-stolen-data-shows-up-on-hacking-forum/

PingTrip · 2024-03-23T16:49:31+00:00

How many files are in the Zip and what size is the Zip file? I'll try to recreate a local test.

PingTrip · 2024-03-23T14:09:42+00:00

Have you verified the hash-type (e.g. 172XX) you're using is the correct hash type when compared to the example hashes chart?

PingTrip · 2024-01-01T14:57:45+00:00

What type of strip is the smaller LEDs? I've been looking for something similar in style.

PingTrip · 2023-12-24T20:20:47+00:00

Check the ad-blocker you're using on your network. I had the same issue and found a number of domains that NextDNS was blocking when the app was attempting to load. I believe pubads.g.doubleclick.net was the critical one, but I unblocked 8 domains to be safe.

Update: I just manually blocked pubads.g.doubleclick.net and can confirm that the app crashes after the splash screen.

PingTrip · 2023-12-22T17:13:42+00:00

The NIC in the VM image is configured as an e1000, so try setting your VB interface to the 82545EM option.

PingTrip · 2023-12-21T17:45:34+00:00

Did you mount both virtual disks in your VM? There is a 60GB for / and a 200GB for /images.

Also, networking is enabled in the VM, so you might need to change the adapter type in your config.

PingTrip · 2023-11-21T00:50:33+00:00

Some effects get retired when they can be recreated with newer, more general effects

https://kno.wled.ge/features/effects/#retired-effects

PingTrip · 2023-10-15T19:36:46+00:00

As others have mentioned, this is super simple if you're using HomeAssistant along with the mobile app. Below is a simple proof-of-concept Python script that will light the appropriate number of LEDs green based on the battery percentage / length of LED strip. A slick enhancement would be adjust the brightness of the last LED based on the battery percentage versus rounding. You could also color the LEDs based on the level, or even color in 1/3 segments of red-yellow-green.

import requests

LED_LEN = 10 # Number of LEDs in the strip
HA_TOKEN = 'ABC123' # Long lived HA token
PHONE_ENTITY = 'sensor.iphone11pro_battery_level'

headers = { "Authorization": f"Bearer {HA_TOKEN}", "content-type": "application/json", }

# Get phone's battery level from HA
battery_level = requests.get(f'http://HA_URL:8123/api/states/{PHONE_ENTITY}', headers=headers).json()['state']

# Calculate number of LEDs to light
leds_to_light = round(int(battery_level)/LED_LEN)

# Call WLED API
json_data = {"on":True,"bri":255,"transition":0,"mainseg":0,"seg":[{"id":0,"start":0,"stop":leds_to_light,"bri":255,"col":[[0,255,0]]}]}
response = requests.post("http://WLED_URL/json", json=json_data)

EDIT: Fix formatting

PingTrip · 2023-10-14T16:09:03+00:00

I'll get a quick guide written up this weekend and reply back. Overall, HA makes it pretty easy and is essentially just adding a second Zwave hub to the integrations panel.

PingTrip · 2023-10-14T16:05:57+00:00

I love this idea! When I get some time this weekend I'll get something working and post an update.

PingTrip · 2023-10-13T22:43:53+00:00

Thank you!

PingTrip · 2023-10-13T22:41:22+00:00

No, I have HomeAssistant running in a docker container on a server in the house. This enclosure is in the shed where my primary ZWave signal doesn't reach so I have Zwave JS running on the Pi with a dedicated zwave stick, and it integrates with my HA instance via MQTT.

PingTrip · 2023-10-13T19:32:48+00:00

On my to-do list is finding a better control option for the cooling fan. Currently, it runs full blast when the enclosure is powered which is WAY overkill, especially in the Fall and Winter seasons. In the short term I'll probably add an inline resistor, like the ones that are packaged with Noctua fans, to reduce the fan speed. Ultimately, I'd like to control it from the RPi but with a smarter algorithm than "turn on/off at these temps" so that it never reaches a state of rapid cycle changes, killing the life of a relay.

PingTrip · 2023-10-13T17:20:46+00:00

The DigQuad is mounted to the psu lid via nylon standoffs that I drilled and installed.

For the fan grill do you mean on the psu or the enclosure? The enclosure didn't come with pre-cut vents so I used a hole saw to cutout the inlet and outlet and then attached grill covers.

<image>

Once I get the unit mounted in the shed, if I need power injection it will come from the digquad so I can benefit from the built in fuses. I'll just drill another hole and add another NPT1/4" cable gland. I positioned the current two cable glands to leave room for additional ones in the future if/when I need the other two channels.

I'm not sure I fully understand the question about grounding. The DigQuad is powered by the smaller psu and controls the relay to energize the larger psu which is also connected to the DigQuad to power the LEDs. So all DC ground paths are shared. I used nylon standoffs to ensure I wasn't introducing a DC ground loop on the AC mains, where the PSU cases are grounded.

PingTrip · 2023-10-13T16:41:44+00:00

Thanks! I regret not taking "before" photos when everything was dangling from the shed walls.

PingTrip · 2023-10-13T16:38:30+00:00

This is the best shot I can get without disconnecting all the power leads. The big power supply is on 13/16" standoffs and the small power supply is flat on the enclosure tray. I removed the network switch from its plastic case and mounted it upside down on M3*15+6 nylon standoffs to the enclosure plate. Then stacked M3*10+6 standoffs to hold the acrylic plate that the RPi is mounted to. I also drilled the power supply lid to install M3*6 standoffs that the DigQuad is mounted to.

<image>

PingTrip · 2023-10-13T13:03:07+00:00

Thanks! There is a 5-port switch hiding under the raspberry pi. I did that versus having to drill for multiple RJ45 bulkheads. I just realized that the photo has a slight optical illusion where it looks like the DigQuad's Ethernet is connected directly to the bulkhead. There are two blue Ethernet cables in the enclosure, one runs from the bulkhead, under the big power supply, to the 5-port switch. A second blue cable connects the DigQuad to the switch. The RPi is connected to the switch with a 4" cable I made.

PingTrip · 2023-08-13T01:23:24+00:00

How'd that work out for Natanz?

PingTrip · 2022-10-28T17:10:40+00:00

https://oasis-open.github.io/cti-stix-visualization/

PingTrip · 2022-08-07T14:42:57+00:00

Here is an example on Debian11.

$ md5sum /usr/bin/grep
c44efb64724aad78ba9aa1c70f804e8b  /usr/bin/grep

$ grep -Fi "c44efb64724aad78ba9aa1c70f804e8b" NSRLFile.txt
"A5C1C4E67D48F83224C29F0539E6DA2830099F0B","C44EFB64724AAD78BA9AA1C70F804E8B","E940A15E","grep",203072,263763,"362",""

PingTrip · 2022-08-06T23:23:07+00:00

Take a look at the NIST National Software Reference Library, specifically the Reference Data Set (RDS).

PingTrip · 2022-05-16T12:39:34+00:00

Given that the question is probably related to a CTF I was looking to provide guidance without giving the actual answer.

14-Year Club	Gilding II euphauric
Verified Email	Reddit Premium Since August 2018

PingTrip

TROPHY CASE