TLDR Stop using both the usb and memory card at once. Else, it will be next to impossible to recover anything back, since the data cells got overwritten, instead of just being “unlisted”. On Window (Linux), you can just install Recuva (extundelete or fatcat) for free and point the app to your usb or memory card, you’re welcome. However, I would still prefer a more sure-fire way to preserve my data, hence the blog. ...
Void Step How many decoy hosts are randomized in this recon evasion technique Answer: 12 In Wireshark filter: (tcp.flags.syn == 1 && tcp.flags.ack == 0 ) && (ip.dst == 192.168.1.27) Explaination: Destination IP is found through manual inspection. For faster port scanning, we (or the attacker) perform the half-open scan, where SYN=1, ACK=0 (means: send only, no need response). Go to Statistics > Endpoints > IPv4, count the addresses, then minus 1 (the destination address, which we need to exclude). ...
Introduction I chose to start my hardware hacking journey with an attempt to live debugging a piece of hardware. As I am waiting for the necessary parts I need to arrive, I did some emulations of the STM32, so I might have the binary ready to flash the binary into the hardware by the times the parts arrive. As weird as it is to write about a failed attempt on a blog post, this is written to at least temporary record what I did, for potential future references. The code for this attempt would not be released, as I definitely do not want to embarrase myself. ...
Introduction To encourage and celebrate women/girls in cyber security, Re:Hack has organized this girls-only-CTF. As a woman, I really appreciate this effort and it feels incredibly inspiring. This is the first time that myself see so many girls and women gather in one place and all are incredibly passionate about this very technical field. So, I would like to give a very special thank-you to the organizers and all the challenge writers involved to make this sort of event possible. ...
pdf (Author: Connor Chang) Description: so sad cause no flag in pdf The challenge attachment can be found here: https://github.com/scriptCTF/scriptCTF2025-OfficialWriteups/blob/main/Forensics/pdf/attachments/challenge.pdf For this challenge, you can open up Firefox to view the hint in the given PDF, but for this approach, we won’t need to use it. All we have to do is using binwalk binwalk -e challenge.pdf In the extracted folder, click on (or cat) the text file (11B or something similar), the flag is in there ...
Step 1 lsblk The USB would likely to be something like sda or sdb (the same name with number is a partition). The easiest way to figure out which is your thumb drive is the size. Step 2 If the system mount any of your partition, you need to unmount them first before wiping. # Replace sdX1 with your actual partition identifier (e.g., sdb1) sudo umount /dev/sdX1 Step 3 Use wipefs command to completely erase all partition tables and filesystem signatures from the drive. ...