SANS Christmas Challenge 2022

Posted on ven. 06 janvier 2023 in Write-up

The SANS 2022 Christmas Challenge. In the background, a hill top, with a frozen castle and a frozen dungeon. In the foreground, the text "Holiday Hack Challenge 2022 now open".

Five Rings to rule them all, Five Rings to find them,

Five Rings to bring them all and in the darkness pwn them.

In the Land of Kringle where the Red-teamers lie.

(see, I can mix it up)

Here's my write-up for the 2022 SANS Christmas Challenge.

Table of contents …


Continue reading

SANS Christmas Challenge 2021

Posted on mar. 04 janvier 2022 in Write-up

The SANS 2021 Christmas Challenge. In the middle, a wooden pannel with a yellow ribbon. The pannel reads "Now Open". On each side of the pannel, Santa Claus in his usual attire, and Jack Frost, wearing a red suit with white stripes, green shoes and a green shirt. He has pointy ears and blue spiky hair. His arms are crossed and he's smirking like a jerk. We also see four calling birds. One is playing poker, one is blowing in a bird call, one is wearing a tie and is on their phone, and the last one is just shouting.

Jingle shell, jingle shell, jingle shell rock

Jingle shells swing and jingle shells ring

Pwnin' and poppin' up boxes is fun

Now the jingle hop has begun

Here's my write-up for the 2021 SANS Christmas Challenge.


Continue reading

SANS Christmas Challenge 2020

Posted on lun. 11 janvier 2021 in Write-up

sans_christmas_challenge_2020_logo.png

Oh, the COVID is frightful,

But KringleCon is so delightful,

And since we must all stay home,

Let it pwn! Let it pwn! Let it pwn!

Here's my write-up for the 2020 SANS Christmas Challenge.


Continue reading

SANS Christmas Challenge 2019

Posted on mar. 14 janvier 2020 in Write-up

sans_christmas_challenge_2019_logo.png

On the twelfth day of Christmas, my true love gave to me:

Twelve Phishers phishing

Eleven Shells a-popping

Ten Passwords spraying

Nine Splunks a-splunking

Eight Machines learning

Seven Metasploit scanning

Six Blue Teamers crying

Five Golden Tickets

Four Domain Hashes

Three Malicious Macros

Two LAN Turtles

and a Pwnage in …


Continue reading

SANS Christmas Challenge 2018

Posted on lun. 14 janvier 2019 in Write-up

sans_christmas_challenge_2018_logo.png

🎵 I'm dreaming of a pwned Christmaaaaas 🎵 As usual, here's my write-up for the 2018 SANS Christmas Challenge.


Continue reading

SANS Christmas Challenge 2017

Posted on mer. 10 janvier 2018 in Write-up

sans_christmas_challenge_2017_logo.png

'Tis the season to be pwning, falalalala lalalala. As usual, here's my write-up for the 2017 SANS Christmas Challenge.


Continue reading

Meet beautiful XSS in your area: a YouPorn bug bounty [SFW]

Posted on mar. 28 mars 2017 in Bug bounty

youporn_logo.png

I don't do bug bounties due to a lack of time. Although I have a HackerOne profile, you can see that I'm not so active. However, a coworker of mine spends quite some time on different bug bounty programs.

On 2017-02-06 evening, when we were both connected to our work …


Continue reading

SANS Christmas Challenge 2016

Posted on jeu. 05 janvier 2017 in Write-up

sans_christmas_challenge_2016_logo.png

This blog is beginning to look a lot like being exclusively about SANS Christmas Challenges write-ups. What can I say, they're so good! Anyway, let's roll for the 2016 edition of this marvelous Christmas Challenge.

Everything starts again with the Dosis children. As they're reminiscing on last year's Christmas, they …


Continue reading

SANS Christmas Challenge 2015

Posted on sam. 09 janvier 2016 in Write-up

sans_christmas_challenge_2015_logo.png

This year again, the SANS institute delights us with a wonderful Christmas Challenge.

We follow the Dosis family, after they purchase a Gnome in Your Home for their kids, Jessica and Joshua. These two kids, especially bright for their age, tinker with the gnome, to find that it has a …


Continue reading

May the Cipher be with you

Posted on dim. 03 février 2013 in Cryptography

ciphersaber-logo.png

NB: I know that implementing cryptographic algorithms yourself is dangerous. There are many implementation problems people won't think about, like memory management. I just wanted to talk about the CipherSaber because I think it's an old, yet neat project. I think it's important to sensitize people about cryptography and the …


Continue reading