Yo.
Bien remis du FIC / EC2 / Taff ? 😉
Last week, on a lancé un claude en roue libre sur @digitalocean et vous l'avez prompt'tué.
Gg ! On remet ca ??
La rediff > https://www.youtube.com/live/_KCU7i5pXv8
Mardi dernier, on écoutait @Icare1337 @truffzor et @sigabrt9 nous parler d'exploit PostScript, que ce soit en code, en pwn, en web, ou en client lourd 😏
Et vous... Vous reprendrez bien une tasse d'injections GS ? ☕️
Heya! 😼
Last Tuesday, Flora (twitch floratheexplorer_cyber) & I spent some time crafting, playing, and PoC'ind n-days.
Demo gods were clearly against us, but hey... We won. 😎 Wekan SSRF full read & Winrar unrar to RCE! 🔥
Hoy ! ⚔️
Prochain stream Mardi 10 à 20h ! 🪚
⚠️ c'est 1h plus tôt que d'hab ET en anglais 🌎️
Au programme ?
PoC de N-day Ft. FloraTheExplorer! 💌
https://www.twitch.tv/floratheexplorer_cyber
https://www.twitch.tv/thelaluka
Replay de Mardi dernier ⬇️
En vous souhaitant une belle journée 🌻
An... Encrypted PostCard ?
Not too long ago, a close friend sent me a postcard! 💌
It contained a quite specific message; here is the full story! 🌷
- Ok, the card is related to encryption. We have a QR code; what's inside??
- So we do have a PGP encrypted message, but where is the key??
I spent a few hours trying to make sense of the orange bars -> artifacts left by the postal service; they weren't there when sent...
Spent some time on steg & other QR codes & bars? Nothing too specific... Then WHERE?
At some point, I noticed really small, darker dots, like a marker changing direction leaving a dot of "ink," but no real text, nothing showing up... I asked my friend "Should I heat it or something like lemon juice inks?" and the quick response was "Nope, do not alter the postcard, things can be read with the physical object without destructive actions" or more like "NO DO NOT BREAK IT LMAO" 🙄
- So... There were hints of ink, and the physical object was needed to get the key... Nothing under the sun, nothing with my mobile phone flash, nothing... What if it's ink, but one that we can't see? I sent a "Hey, could this be UV light?" to my friend to not waste time -read "cheat"- on dead ends...
IT'S A MATCH!
Now the question becomes: How do you get UV light, without being a doctor, without buying an extra item you'll use once in your lifetime, etc...
I quickly thought about two options:
- 1: A friend of mine helped me fix a table by applying a specific resin that dries with UV light. Why not?
- 2: Drying with UV light... Like... Nail paint?? *calls gf's little sister to borrow her nail UV light*
One week passes, the UV lamp comes with a nice family weekend, and I can now read the key!! 🥰
BUT! (There's always a BUT...)
Nothing decrypts, why is this?
After a few variations attempted, it turns out my friend had a few drinks; remember kids, don't drink'n'encrypt for your own safety!
It was actually a new-line not well handled by CLI options, but pasting the new line in any UI gpg prompt worked! 👌
Thanks for reading, and Thanks Kelia for the kind thoughts! 💟
