This post will summaries last Meetup progress and provides clues for further steps.
Let’s start we the recap. We started with:
Followed shortly by:
On the 23rd of January Meetup we have completed following tasks:
Objective 1 – Uncover Santa’s Gift List – clues in blog post video above
Objective 2a – Kringle Kiosk – clues in blog post video above
Objective 2b – S3 bucket – clues give at a Discord were: update the wordlist and add the searched bucket name, use ‘cat’ command to inspect the bucket. Copy and inspect in CyberChef the file. Start unpacking and remember to pipe the output whenever needed.
Objective 3a – Linux Primer – no clues were needed 🙂
Objective 3b – Point-of-Sale Password Recovery – clues give at a Discord were: download the package, no need to install the shop. Unpack the exe file, and poke around until you find app.asar and use 7zip to open Asar file.
Later today, 5-7pm GMT we will be focusing on following tasks:
all unfinished past tasks
Objective 4a – Unescape Tmux – no help needed
Objective 4b – Santavator operations – no help needed
Objective 5a – Speaker UNPrep – first clue: ‘strings door’ with some filters, more clues @Discord
Objective 5b – 5b: 33 Gkbps – no help needed
Objective 5c – Open the HID lock in the Workshop – no help needed
Objective 6a – Regex Toy Sorting – we will battle it together @Discord
Objective 6b – Splunk Challenge – clue: look for Bro.
So, as promised we are going to start SANS Holiday Hack Challenge Redo run by Counter Hack Team. We will start with the latest 2020 challenge . You will need a valid email to create user account, which is instant. You can start straight away on your own or watch a couple helpful videos.
The first video that I would like talk about, it’s Ed Skoudis 2020 Hack Challenge Intro. Video is a great overview of this year challenge.
Second video is aimed at Hack Challenge first timers, it’s walk through the login page and the starting interface.
For the last five years I was getting more and more anxious the closer it was till the end of the year. Why so? The answer is very simple – the SANS Hack Challenge (https://holidayhackchallenge.com/2020/index.html) run online by Counter Hack Team (https://www.counterhack.com/expert-pen-testers). I have learnt plenty and had an immeasurable amount of fun while solving hacking challenges. This winter I found myself helping others with their tasks by giving hints and I discovered that I have learnt even more. The best part was seeing others to grow and to learn how to beat the tasks.
Unfortunately, SANS hack challenge is only once a year and I didn’t always managed to find enough spare time to solve all the puzzles. Luckily, there is a way to fix that.
So, this year to celebrate 12th birthday of Tog, there will be a pleasant surprise. A walk through a past SANS Holiday Challenges. We will start on the 23rd of January, all info will be posted online. So, keep an eye on our website and reserve time between 5 pm and 7 pm on the day to join the discussion on a dedicated Discord channel https://discord.gg/322Kw4bkQK.