Firefox Student Ambassador – My first Steps

I am recently been contributing to MozillaΒ recently, I am loving <3 it very much πŸ˜€ I have even fixed few bugs πŸ™‚ Here is my profile in our FOSS clubΒ http://foss.amrita.ac.in/register/profile/dhanvi/Β you can see few bug reports as my previous contributions but I have fixed my first bug in Mozilla onlyΒ https://bugzilla.mozilla.org/show_bug.cgi?id=1155402Β (it’s very simple what I need to do is that just change the file to the one given by them and send a patch to them)

Here is my Bugzilla profile of MozillaΒ https://bugzilla.mozilla.org/user_profile?login=dhanvicse%40gmail.comΒ (you need to have account to view my bugzilla profile) and the list of bugs fixed by me areΒ https://bugzilla.mozilla.org/buglist.cgi?quicksearch=FIX%20assignee%3Adhanvicse%40gmail.com&list_id=12541366

Enough of the Introduction, the main reason that I am writing this blog is that this is the easiest way to become a trainee level is to write a blog post (other than coding the thing that I love is writing, hacking comes the first πŸ˜› )

First of all I am proud to be a Firefox Student Ambassador I got a sticker from Trishul <trishul.goel at gmail.com> at HackIndia and it took a good place on my laptop too πŸ™‚ and Trishul would have helped me if I have the stable internet connection on that day, but any way I am a Mozilla Contributor now and Firefox Student Ambassador too πŸ™‚

20150911_220347

Activities that I have done till now are very less because we don’t have Firefox club in our collage but we have a cool FOSS club which helps students to contribute to FREEdom software by coding, what I have done till now are install Firefox in my friends systems that doesn’t have it installed and made it as the default browser also update few to the latest version who are running previous versions of Firefox. Also attended the August Office hour too as it is required to become a Trainee

I plan to start a Firefox club in our collage and do more activities and fun events πŸ˜€ let’s see how it goes well πŸ™‚ and I plan to become a junior level by the December and crush (fix) a lot of bugs too

GitHub free private repositories for me

This was the happiest moment of mine ever πŸ™‚ well even winning InCTF second round didn’t make me this much happy πŸ˜›

I was using Bitbucket just for this reason πŸ˜€ even we created a new organisation in the Bitbucket using our teacher’s (Bithin Ettas) email and we got unlimited number of the collaborators which become’s GitHub with unlimited Private repo’s. But I personally like GitHub UI more than that of Bitbucket (Bitbucket team don’t feel bad) and this made it easy to create great repos like the ctf write-up’s at https://github.com/ctfs/

Now with the private I can stick to Github only and also I love the gh-pages they give us freely πŸ˜€

I am not sure if it has anything to do with the HackIndia that I attended as Github was stated as the sponsor for the event

I know that I am posting this blog after a long time but I will try to make sure that all my posts that are still in the draft which include’s my Experience at Debutsav, KdeConf and HackIndia 101 !! I know this are getting pretty old topics and I will try to blog on from now when ever I got some time to spare πŸ™‚ and I started reading books between the free periods and break time in my college, so no laptop in the college and less strain πŸ™‚ also I need to get a good score in Academics and my target GSOC well I stopped doing CTF’s for this thing only na πŸ˜‰ Any way this blog is going too personal let me stop it here and publish

conf.kde.in 2015

I also know about this event in the mailing list and I helped with the registration a little Tony was taking names of whom ever he can find in the college of CSE department πŸ˜› and science I didn’t took any responsibility this time I asked Harish if he needs any help and he asked me to help with installing QT in the lab systems which is quiet very easy (as simple as ./filename) Β and Vipin sir didn’t like me deviating from what I am doing!

This time no issues and every one were able to attend the event so around 100 registrations and many of my friends also registered for the event

The conference started with lighting of lamp and Bala sir and others welcoming the KDE India team and keynote was byΒ Noufal Ibrahim and it wasn’t boring he mentioned about re-usable software (basically how to use pipe in terminal πŸ˜› )

Then there were session about various KDE software and the one I liked most was Krita the video about it was awesome and looks like a real painting! and there was some introduction to QT and QML which is similar to C++ and some other sessions, slides can be found hereΒ http://files.kde.org/confkdein/2015/

Evening there was a hand’s on session on QT and I found it cool and easy and I was shocked about it’s cross platform it works on Windows/MAC/Linux even on Android! and tried few basics of it and made some new friends too!

Next day the session continued and some were interesting!

Other Posts and Pictures:

https://harishnavnit.wordpress.com/2015/04/24/conf-kde-in-15-my-views/

http://sinny.io/2015/04/23/another-amazing-conf-kde-in/

http://blog.pinak.me/kde/conference/conf.kde.in/talk/2015/04/19/cki-2015.html

http://karanluthra.in/blog/2015/05/conf-kde-amrita-15/

https://www.flickr.com/photos/anup07/sets/72157651565839337/

https://www.flickr.com/photos/49657487@N07/sets/72157652087907982/

InCTF-2015 Experiences

Hello every one πŸ˜€

In this post I will be sharing my experiences on InCTF2015, I am writing this blog as the admins of the CTF have made it a question worth of 100 and the difference between us and the next team below us was just a matter of solving the question first (bonus score) any way I don’t think that there will be any bonus score for this question as I am not the first one to send my experiences and hope the VYkingS team didn’t send the experience first πŸ˜›

And also I wish that the awarding points will not be done as in the collage exams (based on the length of the answer written lol :P). One more thing this is not just my personal experiences, these represent the team (beginners) experiences (another way of saying other members in the team may or many not write their own :D, best way to skip the job)

Enough of this intro, to be frank InCTF is the only challenge which made me feel confident that, I can achieve something great πŸ˜€ words are not sufficient for me to describe about this CTF and I am not a writer too πŸ˜› (doesn’t mean that this is the end of the post)

I have taken part in some ctf’s like PicoCTF but I have never participated in the live ctf and able to solve this many challenges and had a real feel of CTF and competition and thinking to win it and really won it πŸ˜€

So I will say how this ctf went on, first of all the day before the challenge I was given the task to submit the first round tasks by sending them a email. I was having holiday on friday as there were some cultural events so I slept a lot on the friday and in the night I started looking at the first round question and trying to complete them if there were any blanks and some missing things etc.. So I submitted them around 5 AM (as usual do the assignment on the last day in engineering :P). My team mate told that he will wake me up at 9 AM and thought to get ready by 10AM and start the competition. Thank God that on the friday something big happened in the Kerala and Saturday was declared as hartal (bund – In kerala you can expect them once in a week so lot of holidays for our college πŸ˜› )

My friend Rakesh (rok_ in IRC) woke me up only at 10AM so that I can more sleep πŸ˜€ and then came to known that the ctf will be starting only at 12, I felt very happy as I need not start the ctf lately (as in the case of normal class and then ask faculty for attendance and attendance is very strict in Amrita :P) This definitely helps us as other wish we couldn’t have scored the bonus points which made the lead the CTF. So saw the India batting for some time and the wickets fell continuously so I stopped watching (you know these lucky things right :D) And then I started going to lab knowing everything regarding harthal is fine now (as the wifi at the hostel sucks as less as 50kbs which is far less than the 3g speed in my mobile)

Sai Ram (blah_blah) was already there in the lab waiting for the challenges to come online (he is our crypto expert) after that we had our food in mess (mess food really sucks here πŸ™ ) and then our other members Rakesh and Abhishek(REVO in IRC) joined us.

So in this manner all the ctf started and the first thing that we targeted was triva as it’s the best way was to score the points easily. So we got hefty points (including bonus points) in the starting and we solved all the triva(including twitter picture the top image in the blog) except 2 question the ip one and the docx one.

I tried for the ip one as localhost as I know nothing more than that as I haven’t taken my network classes yet, then later I asked the same with admin, he told I was correct but there was some similar name to the localhost and always I found was loopback and then I gave a try with it and got the flag

We we stuck at the docx one till next day It was my mistake πŸ™ after extracting the tar.gz file I got a zip file, instead of a second thought I just unzipped the file πŸ™ this was my dam mistake and I was getting the answer by zipping the file again and renaming the file to docx and this didn’t work because the version of the zip in my machine was a latest one πŸ™ , When the admins told that they have told that they have made the question easy for us, I got the flag in matter of just typing πŸ˜€ , Lesson learned if you are not getting a simple challenge try to start doing it again you might have done something wrong

My area is RE so I first about those problems, The first two sums were pretty easy and I got them as soon as opening them in the IDA pro. first one was a small ARM question and second one was hardcoded password strings will give the flag

And the third one was jar file, I have jad (java decompiler no need online one :D) and then decompiled them but I have never coded in java and all the problems I have done in picoctf were just hard coded ie the password was right there when I just decompiled them So I have postponed this one to next day ( I should have done it now it self as it was also very easy one)

I started doing the Forensics even thought, It was not a my piece of cake, the first one which I solve was fixme one in this question we were given a image file and It was damaged, as per my knowledge the thing that they would have done is just changed the header of the image, but I have never used any tools or hexedit to change it to match the exact header, but the online services have saved me from a lot of googling and installing new software πŸ˜› and got the image fixed not sure which one worked for me but I will mention them in the write-up if I have time

Second one was pcap file and my friends found something interesting in the wireshark which say it’s the key (but it didn’t say that it is the flag :P) we have submitted many times the same key and even told admins that the question has some issue with it, later we came to know that we need to get a file from the pcap and this is the key to open the file. I have used a lot of tools in windows vm to get the files from the pcap file but nothing worked well (or my vm is bad) but I found a ausome tool for linux named foremost which gave me the zipped file in a matter of seconds and I used the key to unzip the flag and then got the flag πŸ˜€

I have tried many other sums but not sure if i can explain them here, few of the web question were solved by Abhishek (REVO) one was 9999 sum we need to give the hex value not sure about the second one

Rakesh (rok) was able to solve few binary not sure how he got them

By the night around 12 we got the score of 1500 and we have been in almost top 5 (not sure about it it might be top 10 too) so we did our best for the first day

So I and rakesh decided to take good rest so that we will be able to solve theres well tomorrow and Sai ram and abhishek decided to burn the midnight oil πŸ˜€

In the night on return we had a great opportunity to steal mangoes from one house on our way back to hostel (every day there used to be a dog and it was our lucky day that it wasn’t there or sleeping) we ate the first mango of this season even before ugadi (ugadi is festival of Andhra people)

And the best part was the hostel door was locked and only way we can enter is by jumping the wall (which is common for us don’t say it to our warden)

Next day I was in the lab by 9 AM (every one was surprised as I never got up that early on sundays and came to lab)

This day was not that successive in points (but we were moving close to our answers slowly) Our position went as bad as 20 but we were still first in our campus (so that we will be sure for the 3rd round)

But something worst happened to us we were overtaken by a girls(seniors) team from our campus who are participating in the ctf for the first time (no offence anonymous I suggest you choose a another team name as this name doesn’t have a good name in the security field)

But the lesson learned was never give up even thought every thing seems very difficult (as we can say from our results as we topped)

But when the hints were given we were able to slowly get the score in the ending and the mass hints very useful to us πŸ˜€

We will be trying to write writeups and explaining them very clearly and updating this post too

Any way we were able to solve all the RE and crypto (credits goes to Sai ram our crypto master re all except which were taken down)

Screenshot from 2015-03-15 23:33:05

here is the screen shot of the question solved In the last minute our target was just to make sure that our team will be first, the new opponent that we have is the IITR VKingS team which came equal to us (except for the bonus points) all our team members are working in the last minute to make sure that we score one more question and remain in our position. I and sai ram were working on forensics and Rakesh binary Abhishek Poodle question (If we were able to continue solving the same we would have been no where reachable to other team)

Any way the final score was like this

Screenshot from 2015-03-16 00:00:53

Now coming the final words (I have been told by admins the points for this question will be awarded based on the how well we appreciate the team and their work πŸ˜› jk)

Over all the CTF was Excellent πŸ˜€

We appreciate all the people who are responsible for creating this great event

The greatest thing about this event is that this event was that this event was not at all run for profit and the motto of InCTF was to make more people from our country interested in Cyber Security and all the event organizers didn’t expect any thing in return other than our active participation (though they get some experience in conducting CTF’s :P)

Also Definitely InCTF2015 sponsors VMWARE definately as they are the main people sponsoring this event by bearing all the money for the servers and travel charges for the 3rd round etc … Think of the case if they weren’t there and each team has to pay 200 INR in the form of DD to Amrita University, the case would have been different

Fedora for make more girls team to participate

Mycodeschool for publicity (even though some team complain that publicity was not so good, hope they understand that the resources(money) are very less )

Not the least Amrita University Cyber Security Department (believe me I won’t get any extra credits for this πŸ˜› )

Cons :- (Indian can complain about every thing even though every thing was perfectly good πŸ˜› )

Rules were not clear for example the 3points bonus score I think it’s no where mentioned in the website even thought we figured it out very fastly

Also wish every question were named as in picoctf based on the question type not just bin1 bin2 so on, but clues made it clear, forensics question names were based on the type thought

Website is too old πŸ˜› think it can go for a new design

That’s it πŸ˜€

Tummala Dhanvi (c0mrad3 black shirt in the behind main photo)

Sai Ram ( blah_blah white checks in the behind)

Abhishek (REVO man with spects red shirt selfe taker :P)

Rakesh (rok_ remaining one πŸ˜› )

Status of my current things (Or I that ever the hell I have done till now)

So time went on very fast and I still think that I need to work hard and learn a lot of things and I still feel that I am wasting most of my time ( not exactly wasting I meant I am not utilizing my time to the maximum extent or most of it.

So I will keep most of this empty and I will update it with what ever I feel to update, but I have done a hell lot of things so this post might be a bit longer

Now I kept cyber Security aside for some time and I am contributing to open source and hope I will make to GSOC this time but I am pressured more and hope everything will be fixed by the end of march but my cgpa ? πŸ™ let’s see how it goes

66th Republic day

Hi guys

I am blogging after a long time also I have written about my personal after a long time and these days I have been stopped blogging at all and also it seems like I have stopped writing at all but I like writing a lot, I have not writing these days as I was busy in doing other things (or as I feel so) but as you, There should be always time for the things you like or, There will be always priorities

Continue reading 66th Republic day