- Personal website of Thomas Sluyter

Unimportant background
  RSS feed

About me

Blog archives













> Weblog

> Sysadmin articles

> Maths teaching

PvIB Pen.Testing workshop

2015-10-07 06:32:00

The CTF site

Last night I attended PvIB's annual pen-testing event with a number of friends and colleagues. First impressions? It's time for me to enroll as member of PvIB because their work is well worth it!

In preparation to the event I prepared a minimalistic notebook computer with a Windows 8 and Kali Linux dual-boot. Why Kali? Because it's a light-weight and cross-hardware Linux installer that's chock-full of security tools! Just about anything I might need was pre-installed and anything else was an apt-get away. 

Traveling to the event I expected to do some networking, meeting a lot of new people by doing the rounds a bit while trying to pick up tidbits from the table coaches going around the room. Instead, I found myself engrossed in a wonderfully prepared CTF competition. In this case, we weren't running around the conference hall, trying to capture each other's flags :D The screenshot above shows how things worked:

  1. Each participant would register an account on
  2. Your personal dashboard showed the available challenges, each worth a number of points.
  3. Supposedly easy challenges would net you 50-100 points, while big ones would net 250, 500 or even 1000!
  4. Each challenge would result in a file or piece of text, which one needed to MD5 and then submit through the dashboard.

I had no illusions of my skillset, so I went into the evening to have fun, to learn and to meet new folks. I completely forgot to network, so instead I hung out with a great group of students from HS Leiden, all of whom ended up really high in the rankings. While I was poking around 50-200 point challenges, they were diving deeply into virtual machine images searching for hidden rootkits and other such hardcore stuff. It was great listening to their banter and their back-and-forth with the table coach, trying to figure out what the heck they were up to :)

I ended up in 49th place out of 85 participants with 625 points. That's mostly middle of the pack, while the top 16 scored over 1400 (#1 took 3100!!) and the top 32 scoring over 875. 

Challenges that I managed to tackle included:

Together with Cynthia from HSL, we also tried to figure out:

The latter was a wonderful test and we almost had it! Using various clues from the web, which involved multiple steganography tools provided by Alan Eliason, ImageMagick and VLC. We assumed it was a motion-jpeg image with differences in the three frames detected, but that wasn't it. Turns out it -was- in fact steganography using steghide.

Ironically the very first test proved very annoying to me, as the MD5 sum of the string I found kept being rejected. It wasn't until our coach hinted at ending NULL characters that I switched from "cat $FILE | md5sum" to "echo -n $STRING | md5sum". And that's what made it work. 

To sum things up: was I doing any pen-testing? No. Did I learn new things? Absolutely! Did I have a lot of fun? Damn right! :) tags: , , ,

View or add comments (curr. 0)

My first foray into pen-testing

2015-09-30 18:23:00

A few days ago, my buddies at IT Gilde were issued a challenge by the PvIB (Platform voor Informatie Beveiliging), a dutch platform for IT security professionals. On October 6th, PvIB is holding their annual pen-testing event and they asked us to join in the fun. I've never partaken in anything of the sorts and feel that, as long as I keep calling myself "Unix and Security consultant", I really ought to at least get introduced to the basics of the subject :)

So here we go! I'm very much looking forward to an evening full of challenges! 

The PvIB folks warn to not have any sensitive or personal materials on the equipment you'll use during the event, so I went with Mark Janssen's recommendation and bought a cheap Lenovo S21e-20 notebook. I'll probably upgrade that thing to Windows 10 and load it up with a wad of useful tools :) tags: , , ,

View or add comments (curr. 0)

Some hard work that I need to pull through!

2015-09-30 17:51:00

Aside from my day to day activities in the fields of Unix/Linux and security, I want to ensure that I keep up with relevant and useful skills. I believe that expanding my horizons and keeping up with tech outside of my usual activities is a very useful activity. As the proverbial "big stick" I challenged myself to achieve two professional certifications this year:

  1. Oracle Certified Associate, for Oracle 11. Many of my activities so far have touched on databases, but my current project's the first time that I've had to actually dive into them. I would like to actually know something about the stuff I'm working with, hence I'd like to achieve at least a basic set of Oracle DBA skills. 
  2. Puppet Professional. Puppet's one of the more recent techs that I feel has a huge future. As the saying goes "I want me some of that!". While I have no current need for Puppet, I am keen to soon get started on a Puppet job!

Of course, the year isn't very long anymore, so I'd better get cracking! tags: ,

View or add comments (curr. 0)

Puppet Practitioner course completed

2015-06-24 20:03:00

The past few months I've been hearing more and more about Puppet, software that allows for "easy" centralized configuration management for your servers. Monday through Wednesday were spent getting familiar with the basics of the Puppet infrastructure and of how to manage basic configuration settings of your servers. It was an exhausting three days and I've learned a lot!

The course materials assumed that one would make use of the teacher's Puppet master server, while having a practice VM on their own laptop (or on the lab's PC). As I'm usually pretty "balls to the wall" about my studying, I decided that wasn't enough for me :p

Over the course of these three days I've set up a test environment using multiple VMs on my Macbook, running my own Puppet master server, two Linux client systems and a Windows 8 client system. The Windows system provided the most challenges to me as I'm not intimately familiar with the Windows OS. Still, I managed to make all of the exercises work on all three client systems! 

Many thanks to the wonderful Ger Apeldoorn for three awesome days of learning! tags: , , ,

View or add comments (curr. 0)

First attempt at SQL exam: did not pass

2015-06-19 07:59:00

After roughly three months of studying (at night and on the train) I took a gamble: last night I took my Oracle SQL exam 1Z0-051. Along the way I've learned two things:

  1. The contents of the exam are rather different (and more difficult!) from the practice exams and study materials that came with the two books I have.
  2. It's not a good idea to attempt the online exam at 23:00, after a long day of work and an evening of studying :D

I'm going to "deflate" for a few weeks before continuing my studies. I really, really want to achieve my OCA before the end of the year, so I'd better get a hurry on after that.

But first, my first three days of Puppet training! More exciting new things to learn! tags: ,

View or add comments (curr. 0)

Branching out, learning about databases

2015-03-01 13:52:00

Since achieving my RHCE last November I've taken things easy: for three months I've done nothing but relaxing and gaming to wind down from the big effort. But now it's time to pick up the slack again!

Over the past years I've worked with many Unix systems and I've also worked with with monitoring, deployment and security systems. However, I've never done any work with databases! And that's changed now that I'm in a scrum team that manages an application which runs on Websphere and Oracle. So here I go! I really want to know what I'm working with, instead of just picking up some random terms left and right. 

Starting per March, I'm studying Oracle 11. And to keep myself motivated I've set myself the goal of achieving basic Oracle certification, which in this case comes in the shape of the OCA (Oracle Certified Associate). The certification consists of two exams: a database technology part and an SQL part, the latter of which may be taken online.

This is going to be very challenging for me, as I've never been a good programmer. Learning SQL well enough to write the small programs associated with the exam is going to be exciting but hard :) tags: ,

View or add comments (curr. 0)

Passed my RHCE

2014-11-11 09:16:00

Snoopy is happy

Huzzah! I passed, with a score of 260 out of 300... That makes it roughly 87%, which is an excellent ending to four months of hard prepwork.

The great thing is that I'm now able to rack up 85 CPE for my CISSP! 25 points in domain A and 60 points in domain B, which means that my CISSP renewal for this year and the next two is a basic shoe-in. Of course, I'll continue my training and studies :)

My RHCE experience was wonderful. Like last year with my RHCSA, I took the Red Hat Kiosk exam in Utrecht.

A while back I was contacted by Red Hat, to inform me I'm a member Red Hat 100 Kiosk Club which basically means that I'm one of the first hundred people in Europe to have taken a Kiosk exam. As thanks for this, they offered me my next Kiosk exam for free, which was yesterday's RHCE. Nice!

The exam was slated for 10:00, I showed up at 09:30. The reception at BCN in Utrecht was friendly, with free drinks and comfy seats to wait. The Kiosk setup was exactly as before, save the slot for my ID card which was already checked at the door. The keyboard provided was pretty loud, so I'm sorry to the other folks taking their exams in the room :)

All in all I came well prepared, also with thanks to my colleagues for sharing another trial exam with me. tags: , ,

View or add comments (curr. 0)

Let's do this!

2014-11-09 15:15:00

RHCE exam in 18 hours

If I'm not ready by now, nothing much will help :)

Looking forward to taking the RHCE exam tomorrow and whichever way it goes, I'm also looking forward to the SELinux course I'll be taking at IT Gilde tomorrow night. tags: , ,

View or add comments (curr. 0)

Older blog posts