Chick3nman

NVIDIA Driver Version: 522.25        CUDA Version: 11.8

Credit: blazer
For benchmarking the card and allowing me to release the benchmarks here 

The hashcat installation used includes a change to the tuning ALIAS.hctune file to include the RTX 4090 as "ALIAS_nv_sm50_or_higher".
The "Kernel exec timeout" warning is cosmetic and does not affect the speed of any of the benchmarked modes.
Benchmark was run at stock clocks on an Asus Strix 4090.

terjanq

Postviewer - writeup

Challenge's overview

The rumor tells that adm1n stores their secret split into multiple documents. Can you catch 'em all? https://postviewer-web.2022.ctfcompetition.com

The challenge consisted of an all client-side simple page, i.e. no backend code was involved. A user can upload any file which will be then locally stored in indexedDB. They can preview their files by either clicking on the title or by visiting file's URL, for example https://postviewer-web.2022.ctfcompetition.com/#file-01d6039e3e157ebcbbf6b2f7cb2dc678f3b9214d. The preview of the file is rendered inside a blob created from data: URL. The rendering occurs by sending file's contents to the iframe via postMessage({ body, mimeType }, '*')

Additionally, there is a /bot endpoint which lets players send URLs to an xss-bot imitating another user. The goal is to steal their documents.

tothi

Certifried combined with KrbRelayUp

Certifried (CVE-2022-26923) gives Domain Admin from non-privileged user with the requirement adding computer accounts or owning a computer account. Kerberos Relay targeting LDAP and Shadow Credentials gives a non-privileged domain user on a domain-joined machine local admin access on (aka owning) the machine. Combination of these two: non-privileged domain user escalating to Domain Admin without the requirement adding/owning computer accounts.

The attack below uses only Windows (no Linux tools interacting with the Domain), simulating a real-world attack scenario.

Prerequisites:

billti

Below are the steps to get an ARM64 version of Ubuntu running in the QEMU emulator on Windows 10.

Install QEMU

Install for Windows from https://qemu.weilnetz.de/w64/ (I used qemu-w64-setup-20181211.exe)

Put C:\Program Files\qemu on your PATH, and run the below to check it's working (which will list out the CPUs the AArch64 emulator can emulate):

qemu-system-aarch64 -M virt -cpu help

luk6xff

You might want to read this to get an introduction to armel vs armhf.

If the below is too much, you can try Ubuntu-ARMv7-Qemu but note it contains non-free blobs.

Running ARM programs under linux (without starting QEMU VM!)

First, cross-compile user programs with GCC-ARM toolchain. Then install qemu-arm-static so that you can run ARM executables directly on linux

If there's no qemu-arm-static in the package list, install qemu-user-static instead

mrk-han

Install and Create Emulators using AVDMANAGER and SDKMANAGER

TL;DR

For an emulator that mimics a Pixel 5 Device with Google APIs and ARM architecture (for an M1/M2 Macbook):

1. List All System Images Available for Download: sdkmanager --list | grep system-images

2. Download Image: sdkmanager --install "system-images;android-30;google_atd;arm64-v8a"

etiennetremel

Simple WireGuard configuration

1 server, 2 clients

Getting started

Install Wireguard on all machines.

Generate all keys

jbrown123

Recursive Queries Using Common Table Expressions

Common Table Expressions (CTEs) are a bit complex and difficult to understand at first blush. Many of the tutorials and examples on the net don't make it any easier for those just starting out. I thought I'd put together a quick gist that tries to simplify the concept and demonstrate how to do recursive queries using CTEs.

Keep in mind that CTEs have other uses besides just recursive queries but this gist is just about how they can be used to create recursive searches.

I'm using SQLite in this example but any SQL language that implements the WITH keyword should be able to do the same thing. If you've never used SQLite before, you are missing out on an amazing, open source, stand alone, SQL engine. I encourage you to check it out.

A practical example

zacharycarter

Binding to C Libraries with Nim

---

Table of Contents

• Introduction
• C2Nim
• The C Preprocessor
• Pragmas

joepie91

Not all random values are created equal - for security-related code, you need a specific kind of random value.

A summary of this article, if you don't want to read the entire thing:

• Don't use Math.random(). There are extremely few cases where Math.random() is the right answer. Don't use it, unless you've read this entire article, and determined that it's necessary for your case.
• Don't use crypto.getRandomBytes directly. While it's a CSPRNG, it's easy to bias the result when 'transforming' it, such that the output becomes more predictable.
• If you want to generate random tokens or API keys: Use uuid, specifically the uuid.v4() method. Avoid node-uuid - it's not the same package, and doesn't produce reliably secure random values.
• If you want to generate random numbers in a range: Use random-number-csprng.

You should seriously consider reading the entire article, though - it's