Tonight we worked on buffer overflows, and some binaries on the new OSUSEC CTF platform. Slides (requires ONID login) Next week, we’re going to work on similar binaries, but comparing the assembly code with the C code.
Tonight we talked about some CTF tools and did a walkthrough for “start” on pwnable.tw. You can read a detailed writeup for this binary on the OSUSEC GitHub. Here’s a link to the slides (requires ONID login): Slides For those of you who felt lost tonight, my apologies! I received some great feedback, and will… Read more
Thanks for a great first meeting for Winter 2019! Here is a link to the slides (requires ONID login): Slides For those of you who were unable to make it, here’s a brief summary of what we went over. Mostly, it was just talking about what’s coming for the rest of the term: Updates on… Read more
Happy New Years! Our first meeting will be this Thursday at 7pm in KEC1003, and we will be meeting at the same time/place the whole term. Some things to look forward to for this term: I’m working with NetSPI to have them come back with a more technical presentation and hopefully some labs, so that… Read more
The NSA Codebreaker Challenge finished today, and I’m proud to announce that Oregon State University is the winner! We also had the most people complete Task 5 and 2 people complete Task 7, which is awesome! For those of you who are unfamiliar with the Codebreaker Challenge, it is a CTF-style event put on every… Read more
I’m thrilled to announce that OSUSEC placed 1st at the Cyberforce Competition last weekend at PNNL, and 3rd nationwide out of 70 teams! I’m very proud of everyone’s hard work, and am already excited with new ideas for next year. The university is sending out a press release on Thursday so I’ll update this post… Read more
Thanks for a great last meeting for the Fall term! I gave a talk on all of the low-level architecture and x86 assembly content needed to get started with binary pwning, here is a link to the slides. Hopefully, this is enough to get you all started! Have a great winter break!
Thanks to Karl Fosaaen from NetSPI for the awesome presentation on an introduction to penetration testing! Remember, if you want to learn about these things on your own, please make sure to do it on your own network and devices. I’ll update this post with a link to the slides when they become available. I… Read more
Thanks to Emily for the great talk on SIEMs (Security Incident and Event Management)! Here is a link to the slides. Announcements from tonight’s meeting: Make sure to RSVP for the NetSPI event happening next week (during our normal meeting time)! Here is a link to the form. Oct. 25 is the last day to… Read more
Link to GitHub Even though this was a pretty simple challenge, I really enjoyed it and wanted to do a write-up for it anyways. EV3 is the latest generation of the LEGO Mindstorms robots, and thanks to this challenge I know a lot more about the Mindstorms Communication and Firmware Developer Kits than I ever… Read more