Showing Posts From

April 2013

  • 30 Apr 2013

MWR Challenge 2013

MWR InfoSecurity launched its 2013 cybersecurity challenge called "The Hunt for Ilichy". The competition invited participants to solve counter-intelligence puzzles with the opportunity to win tickets to HackFu, their annual hacking event. Ten winners would receive event entry, accommodation, and potentially travel prizes for exceptional submissions.

  • 25 Apr 2013

HackFu Venue - Clue 4

A HackFu event puzzle presents a riddle about a ballet dancer's post-university experience. The clue challenges participants to fill in a two-word blank describing the dancer's situation after graduating. The puzzle is presented as a Blankety Blank-style challenge with an accompanying image.

  • 25 Apr 2013

MWR HackLab - Chubby Data

A team analyzed a massive 9TB internet scan dataset using cloud and NoSQL technologies. Multiple approaches were explored to make the data searchable, including Amazon CloudSearch for FTP banners, SQL databases for NBTStat scan results, and NoSQL databases like CouchDB and ElasticSearch for HTTP headers. The project focused on developing efficient parsing and search techniques for large-scale internet infrastructure data.

  • 25 Apr 2013

MWR HackLab - Root/Beer Fridge

A cybersecurity team created an innovative beer fridge that unlocks through hacking challenges. The system uses a Raspberry Pi and Arduino with solenoid locks to create an interactive reward mechanism for solving technical puzzles. The project aimed to gamify hacking achievements by providing beer as a reward for completing security challenges.

  • 22 Apr 2013

MWR HackLab

MWR Labs hosted an internal hackathon where team members collaborated on diverse technology projects. Participants worked on innovative ideas across areas like data analysis, hardware hacking, and electronic systems. The event fostered creativity and team engagement through hands-on exploration of technical challenges.

MWR Labs Pwn2Own 2013 Write-up - Webkit Exploit

A detailed technical write-up of a WebKit exploit demonstrated at Pwn2Own 2013 describes a type confusion vulnerability in SVG document handling. The exploit leveraged the ability to cast non-SVG elements to SVG elements, enabling precise memory manipulation and control. By chaining multiple exploit stages, the vulnerability allowed leaking pointers, calculating memory addresses, and ultimately achieving code execution in the browser.

  • 18 Apr 2013

HackFu Venue - Clue 3

The third clue for the HackFu venue location is revealed as a mathematical puzzle. The cryptic clue "I squared plus two" presents a mathematical challenge to participants seeking the event's location. The clue is accompanied by an image, adding to the mysterious nature of the venue reveal.

  • 12 Apr 2013

HackFu Venue - Clue 2

The blog post reveals the second cryptic clue for the HackFu event venue location. The clue is a poetic line: "Of thy tongue's uttering, yet I know the sound." The specific meaning of the clue remains enigmatic, suggesting a puzzle or riddle about the event's destination.

  • 3 Apr 2013

HackFu Venue - Clue 1

The first clue for HackFu's venue location references the famous "Remember, remember" line, specifically mentioning "the Vth". This cryptic hint is part of a series of clues designed to guide participants in discovering the event's location. The first clue was released as part of a multi-week puzzle to reveal the HackFu venue.