Google CTF : Moar

ctf_logo

So our second challenge in beginner’s quest is of PWN category. The challenge name is Moar.

5.PNG

It’s a pwn challenge so it can be some kind of binary exploitation challenge. So after doing netcat with the given host and port we get a man page.

6.PNG

and there is nothing we can do with this page. It’s just a man page. Since it’s a pwn challenge we need to get shell or execute commands. So if you see closely man page has less program running. If you do a simple google search ‘run terminal commands in less’   the results shows “You can access the command line using bang (!) within less.”

so let’s try it out  !ls /home

7.PNG

and then doing !cat /home/moar/disable_dmz.sh will give us our flag

CTF{SOmething-CATastr0phic}

 

Solved !!

Advertisements

Google CTF : Letter

ctf_logo

So our first challenge in beginner’s quest is of Misc category. Let’s see what challenge says

1.PNG

After downloading the attachment we get a compressed file and inside it is a challenge.pdf . Which looks like as follows

2

So we can’t read the username and password. So the first obvious thought was to convert the pdf to something more friendly like a txt file. So if you are on a linux system you can simply use pdftotext utility to convert the pdf to text and if you are on windows or any other system you can just use online pdf to text converter.

 

And the results are as follows

4

solution : CTF{ICanReadDis}

 

GSOC 2018 with The Qt-Project

gsoc18

 

It’s summer time and what can be better than an internship and that too with Qt. Yeah, i got accepted in GSOC 2018 with The Qt-Project as my organization.  The goal of my project is to provide meson build system support to Qt-creator natively.

Brief about the project : “Meson is a build system that has become popular with open source projects in the last couple of years. Qt Creator should be able to open meson projects natively. The goal of the project is to provide meson build support to Qt creator IDE.”

My mentor Tobias Hunger is really nice and patient person 🙂 . Tobias helped me in writing a good proposal and helped me in setting up my dev environment too.

Currently we are in Community bonding period and i am getting familiar with the Qt community at dev level. what’s the work procedure, how to contribute and what guidelines to follow.

I followed this guide : https://wiki.qt.io/Setting_up_Gerrit to setup my dev environment.

Some common problems/FAQ that you can face are :

  1. not using real name in git config user.name
  2.  if you encounter any sanity bot check errors follow this guide : http://wiki.qt.io/Early_Warning_System
  3. Follow coding guideline : http://wiki.qt.io/Qt_Coding_Style

That’s all for now folks. To know more about my progress , stay tuned for more blog posts 😉

P.S. if you want a video tutorial on how to setup the working environment just let me know. I will try to create it . PEACE !!

 

KDE Randa Meeting 2017

Hello o/ , so this was my first Randa meeting . So excited !!  So my main motive for this meeting was to fix wikitolearn desktop client which needed a desperate attention to it . It was broken so badly that it was not even possible to use it . Reason was simple : WikiTolearn api keeps evolving and even though i tried to keep my client updated with it , it was just no practically possible .

So i waited for some time for stable WTL API and then i will again start working on the client . The time is now , the api has matured and is stable now that means i can finally work on it !! Cheers !!

This was how the client was working before fix . it was not even able to display the images Screenshot at 2017-09-22 22-37-49

So for the first 2 days i worked on fixing and updating the client . The API was changed a lot and i had to almost rewrite the parsing feature of the client . It felt good when the client was restored to its former glory 😉 .

Now the theme for the KDE Randa meeting this year was to make “Kde more accessible ” . So i decided to port the client to mobile devices too . earlier it was available on Linux , Mac and windows . For the next days i tried and ported the client on android device ( Iphone not yet ) . The client has problem on mobile device . the problem is that Qwebview can’ be overlapped with other components . This is a known limitation .

Now my focus was to overcome this challenge and make the client work same on mobile devices . After brainstorming and taking advice from awesome developers around me , i found a solution . The solution was to hide the webview whenever any other component ( mainly QML Drawer ) comes in front .

So finally we have wikitolearn desktop client on mobile devices too . I still need to do testing of it,  that will come soon too 😉

home

After that our Randa group went for  hiking . We hiked for 4 hours and even crossed the charles koune suspension bridge . It felt awesome !!

21688621_115528542462316_953292068933861376_n

Eveery good thing comes to an end too and so was our sprint . I enjoyed and learnt a lot from this sprint . I would really like to thank the whole organising team and specially Mario Fux and Simon Frie for helping us a lot and organising every thing . I would really love to come back to Randa meeting again next year .

Keep Contributing , keep committing !!

Summary of WTL_India conference

The first ever WTL_INDIA conf was a 2 day single track event held on the 18th and 19th of January, 2017 in Jaipur, India .

img_20170119_221240

I arrived at Jaipur on 18th Jan 2017 at 3:30 AM o.O Booked a cab from UBER and reached the campus ( LNMIIT Jaipur ) at 4:00  AM . Sagar’s junior Punit was there to receive me .  Punit was life saver , he took the trouble to receive me at 4:00 AM and not to mention in extreme cold .

I was tired from my journey and instantly slept in my room . At morning i meet with our speakers group 🙂 . We did our breakfast at campus mess  . My stomach was full  , now my day starts officially.

DAY 1 : 18th Jan

First day was packed with lots of speakers . I was also assigned for my talk on same day . The event kicked off from Sagar’s talk on  introduction to Open source  and KDE .

Follow up talk was from Riccardo ( founder of WikiToLearn ) . He talked about his journey and how and why open source is important . After that he talked about WikiToLearn , what it is ? why it is needed  .

My talk was the last talk of the day . It was in the 2nd session of the day . I started by introducing myself and my project . I talked about how i build WikiToLearn desktop client , what challenges i face and how other students and developers can contribute to it .

After my talk  we ( me and other speakers ) did QnA with students . We tried to resolve their doubts , questions .  Later in the evening we did hands on session on GIT and Github .  We gave small small task / challenges for students to solve it . The whole day was action packed i enjoyed a lot and hoped that everyone was able to learn something from it .

 

“All work and no play makes Jack a dull boy ”

All work done , now the fun starts . I explored the campus with speakers and interacted with each other . We tried to teach Riccardo some local dialects and Hindi . It was a sort of cultural exchange between us .

img_20170119_100923_904

Day 1 was fun !!

Day 2 : 19th Jan

The 2nd day kicked off with Tony speaking about engaging and bringing in new contributors to open source  community, tony is a really experienced speaker . He knows when to induce humour in talk and when to get into details .

I too got to learn a thing or two from fellow speakers . Below R.harish navnit is teaching me a thing or two about CMAKE  . Screenshot_20170214_181422.png

Overall it was a really rich experience , i got to meet fellow developers of wikitolearn and was able to make new friends . I wanted to stay for more but i had other priorities so I  had to leave Jaipur on 19th jan . Thank you all the volunteers , speakers , Sagar and Srijan for making this conference a huge hit .

 

Screenshot_20170214_181902.png

Summary of my GSOC 2016

So from tomorrow final evaluation by mentors are going to start .  Really excited for it .

I was successfully able to implement my project .

 

A Brief Description: A Qt(c++)/QML app for offline usage and browsing of WikiToLearn. . The client should be able to -search a page

-save a page offline

– read the offline pages

– update or delete a pages

 

This is what I learned during GSoC:

  • QML
  • Qt Framework
  • How to use wikitolearn / mediawiki API
  • GIT
  • Agile Development
  • SQLite Database
  • Model-view programming
  • Debugging ( learned to use GDB and qt debugger )
  • Project Management ( following timeline , deadline )

I have submitted all my work now and you can find the work report here  : https://community.kde.org/GSoC/2016/StatusReports/jgupta

 

 

Closing in

banner-gsoc2016_2

 

Hello , readers  we are closing in to the end of GSOC 2016 and so is my project . A quick update  WIkiTolearn made some changes to the API and my application is dependent on it .

 

I actually  use regex to get the links , url and actual data from API to get the contents .  I then process that   content and display it to user .

 

changes in the API can be read here : http://restbase.wikitolearn.org/en.wikitolearn.org/v1/?doc

 

Now what’s left to do in the app is to manage pages from the user end and to display offline pages in the app .

 

If you have seen my old demo video , you will see the deletion of pages  , updation of pages  is too manual . It was not at all user friendly .

 

I need to work on to make the app user friendly .  I will soon make a video to show the current state of the app .

We  are close 😀

tumblr_n1b2c3xl171st1te9o1_500