The Status of phpGolf

As the former creator and maintainer of phpGolf.org, I get asked what happened to the PHP code golfing site and why it is down. The reason was basically that the server owner wanted to change to another hosting vendor. Since I was out of the country for a year, without proper access to my development infrastructure and with a limited amount of spare time, it just never got back online. If the site were to come back now, it would require another dedicated person to rewrite the old code, polish the design, dockerize it, and basically carry the whole thing. The source can be found on GitHub, except for the challenges, but I can provide those for anyone interested.

I will now show off two of the most impressive works from the public challenges. They were submitted in 2012 by the talented primo, who had the top score on all challenges. The encoding used to calculate the filesize was ISO-8859-1.

Cantor’s Enumeration

Challenge description: Print out the 100 first numbers in Cantor’s Enumeration.

Leading submission with 57 bytes:

<?for($f=µ;++.++-49;--$$f?--$$f:$f^=C)echo" / 
";

Shown in hex: [image not preserved]

By comparison, this was the next shortest submission, from the user JWvdVeer, with 76 bytes:

<?for(;$x++.$y++^49;$b--?${$a%2?x:y}-=2:--${(1&$b=++$a)?y:x})echo"$x / $y
";

Pathing

The challenge description was as follows:

  • The constant MAP will contain one random map.
  • Your program should output, to standard out, one single number, the shortest distance from . to X (i.e., how many moves are the absolute minimum to get from the spot marked with ‘.’ to the spot marked with ‘X’).
  • Do not include the starting position, but include the end position.
  • The map will always be closed, i.e. they will have a wall that reaches all the way around.
  • The maps are of random size, but no map will be greater than 50*50.
  • The map may not always be square, but will always be rectangular.
  • You may only move up, down, left or right. No diagonals.

Example input value (Given in the MAP constant on runtime):

####################################
####################################
####### ############################
######  .###########################
######   ##############X ###########
#####     ##############  ##########
##### #  ############  ## ##########
#####       #######    #   #########
#######     ##### #      ###########
########  #####           ##########
########   #### ####   #############
########  #  #  ####   #############
########         ###################
#########        ###################
####################################

Example answer: 36

This was the leading submission with only 118 bytes.

<?for(;—^$f=$m[strpos($m=~MAP,Ñ)+$c=~(%2*strpos($m,õ))*~-(&2)+$p=$a[++/5-3]];)${$$f|$$c?z:$a[]=$c}=$$p+1;echo$z;

And as shown in hex: [image not preserved]
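
For comparison with the golfed submission, here is an ungolfed reference for the Pathing challenge: a breadth-first search over the MAP constant. This is an added example, not code from the original post, from primo or from phpGolf; the function name shortestPath and the sample map are constructed for illustration.

```php
<?php
// Constructed sample map (not from the challenge set): closed and rectangular.
define('MAP', implode("\n", [
    '#######',
    '#.  # #',
    '# # # #',
    '# #  X#',
    '#######',
]));

// Returns the minimum number of moves from '.' to 'X', or -1 if unreachable.
function shortestPath(string $map): int
{
    $rows = preg_split('/\r?\n/', rtrim($map, "\r\n"));
    $start = null;
    foreach ($rows as $r => $line) {
        if (($c = strpos($line, '.')) !== false) {
            $start = [$r, $c];
            break;
        }
    }
    if ($start === null) {
        return -1;
    }
    $dist = ["{$start[0]},{$start[1]}" => 0]; // visited cells and their distance
    $queue = new SplQueue();
    $queue->enqueue($start);
    while (!$queue->isEmpty()) {
        [$r, $c] = $queue->dequeue();
        $d = $dist["$r,$c"];
        // Only up, down, left and right are allowed; no diagonals.
        foreach ([[-1, 0], [1, 0], [0, -1], [0, 1]] as [$dr, $dc]) {
            [$nr, $nc] = [$r + $dr, $c + $dc];
            // Negative string offsets wrap in PHP; treat them and any off-map cell as wall.
            $cell = ($nr < 0 || $nc < 0) ? '#' : ($rows[$nr][$nc] ?? '#');
            if ($cell === '#' || isset($dist["$nr,$nc"])) {
                continue;
            }
            if ($cell === 'X') {
                return $d + 1; // the end position counts, the start does not
            }
            $dist["$nr,$nc"] = $d + 1;
            $queue->enqueue([$nr, $nc]);
        }
    }
    return -1;
}

echo shortestPath(MAP), "\n";
```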

I will follow up with a post about tips and tricks for golfing in php later on, which will explain some of the weird things going on here.

Offensive Security PWK/OSCP Review

Intro

Aside from an ethical hacking class at the university, I had no other experience with internal network penetration testing beforehand, so I was quite fresh when starting at the PWK labs. Over the course of about six months I had 90 days of lab time, but real work and personal life took away much of the time, leaving me with only about 30 productive days in the lab.

SANS SEC542/GWAPT Review

In February 2017 I participated in the SANS course SEC542 “Web App Penetration Testing and Ethical Hacking” held by Spanish instructor Raul Siles in Oslo, which I followed up by taking the certificate attempt for GIAC GWAPT. Here is my feedback on it.

Class Environment

The course was held in Radisson Blu Plaza Hotel which was really amazing. The class room was clean, big and everything you would expect from a premium hotel. Everything from coffee, smoothies, cookies, fruits and other small dishes were available throughout each day, right outside the class room. In the first days we were disappointed by the lunch, because it was too little food. We were just given a single plate with some grams of fancy food on it. This was quickly changed and we got free for all buffet with tenderloin and other premium tasty food for the rest of the course.

Class Content

The course material is of really high quality and seems to be updated and polished by feedback after each held course. I wish we also got the material as PDFs and not just on paper, but the reasoning is pirating issues. The amount of theory and practice seems perfect, but overall the material is rushed through. The reason is that there is so much content and so little time. Be aware that if you lack general Linux and web skills you will fall behind very quickly. I would never suggest going to this class without the prerequisites described in the course details. I also think you will learn a lot from this course even if you know 90% of the content beforehand, because you will relearn everything from another angle, which makes you think differently about things. The CTF contest was really fun and a perfect ending for the course!

Each day lasted from 9:00 a.m. to 5:00 p.m. and the content was structured over the week like this:

  • Introduction and Information Gathering
  • Configuration, Identity, and Authentication Testing
  • Injection
  • JavaScript and XSS
  • CSRF, Logic Flaws, and Advanced Tools
  • Capture the Flag

I wish each day started earlier and/or lasted longer to get through the content at a more peaceful pace.

The Instructor

The instructor, Raul Siles, seems highly technically talented and always keeps up with the scene. The only issue I have with him is that his English is far from perfect, pronouncing words with a heavy accent. Mix this with his really fast way of talking and you have a bad combo. He is also a mastermind at referencing The Matrix, which I regard as an important skill.

The GIAC GWAPT Certification

Some time after the course I started a practice exam without rereading the content to see where I was standing. I passed the exam with ease, which is built up of 75 questions with multiple choice answers. I can’t stress enough how bad this concept is, because this is the worst form of an exam there is. A certificate should be practical and hard, to reward talented people and not be available to anyone with money. Not only are the questions stupid, but there are questions that try to trick you, which doesn’t prove anything at all. Questions like “How do you write a comment in programming language X?” are worthless. I would say about 20-30% of the questions from the practice exams are included in the final exam, and if you really want to, I bet there are brain dumps all around on the Internet. I gave feedback on a lot of questions and we will see if they will do anything about them.

I really hope no employer takes this certificate seriously, because this is pure pay to get. I will probably write another blog post about how rotten the certificate industry is and compare each one.

Pricing

The total price for the whole course including two online practice exams and an actual formal exam on location was 6509 EUR. I was lucky enough to live nearby so I didn’t have to rent a hotel room during the course, which would up the price even more. Although the course is quite expensive, I honestly think you get more from this one week than multiple classes at a university. The course costs a lot of money and feels like a robbery when you compare it to PWK/OSCP, where you get 30 days lab time, course material and a certification attempt for $800. The GIAC certification also only lasts four years, which means you need to spend even more money on renewing it. Though you can partake in another course to renew your other certifications, which doesn’t make any sense, other than to get more money.

Riddles in the Dark - Blue Eyes

This riddle, or rather puzzle or whatever you want to call it, got famous from xkcd and you can read the challenge there, but I and others got confused by the wording. Here I will present my own version, which I think is more simple and clear. The “official” answer is very beautiful, but I will here present my alternative solution as well.

My Wording of the Puzzle

On an island there are 100 blue eyed and 100 brown eyed men. The men are all very intelligent and to quote the xkcd wording “if a conclusion can be logically deduced, they will do it instantly”. They don’t know their own eye color and if they find out, they will magically be teleported to paradise at midnight, but they need to be 100% sure of their color. They can not communicate with each other in any form. They can just observe. One day an angel comes down from the sky and says in front of them all: “I see someone with blue eyes”, then the angel leaves and never returns.

Who will leave the island and on which day?

Here are some other pointers:

  • They can not see the reflection of their eye color from the water or anything of the kind.
  • It’s not relevant how long they have been on the island.
  • There is no stupid answer. The answer is pure logic and really amazing.
  • The angel is not relevant. They could just as well have found a note on the ground stating the same thing.
  • Remember that every blue eyed person sees 100 brown eyed and 99 blue eyed, and it’s tempting for every blue eyed to assume there are 100 of each and that way know their color, but there might be 101 brown and 99 blue eyed. And it’s of course vice versa.
  • What do you mean by “which day”? Well, there is only one reference point.

My Problems with the Original Wording

  • Introducing a “guru” with green eye color. Useless information that pollutes the puzzle.
  • Mentioning a ferry might indicate that there is a captain that they need to submit their eye color to. What if anyone is listening when a person submits his answer? And is there a restriction on how many times they can try to leave with the ferry? Can a person try “blue” one day and “brown” the next?

The “Official” Answer

You can read the answer on xkcd, but I will try with my own wording here.

If we start with only one blue eyed and one brown eyed, the answer is simple. After the angel speaks, the blue eyed will look at the brown eyed and instantly know that he himself must have blue eyes and leave on day 1.

Notice this answer applies also if there was 1000 brown eyed and 1 blue eyed.

If there were two blue eyed and 1 brown eyed on the island, the blue eyed can think like this: “If I have brown eyes, then this dude with blue eyes will know for certain that he has blue eyes, because he sees two brown eyed, and will leave today. If he doesn’t leave today, then I must also have blue eyes”. They both think like this, because they are equally intelligent, and they will both observe that the other guy didn’t leave on the first day and they will both leave on day 2. Notice also that we can introduce 1000 brown eyed and there will be no difference, so we can conclude that the brown eyed are irrelevant and will never leave.

If there were three blue eyed, then each of them sees two other blue eyed and thinks “If I have brown eyes, these two blue eyed will leave on day 2”. Now, if the other two don’t leave on day 2, each person knows they have blue eyes and leaves on day 3.

See a pattern now? The 100 blue eyed will leave the island on day 100. Every person must use the same logic and think “I see 99 blue eyed, then if no one leaves on day 99, then I must have blue eyes as well and leave the next day”.

If you think you get the answer you can try asking yourself these questions quoted from the xkcd answer:

  • What is the quantified piece of information that the Guru/angel provides that each person did not already have?
  • Each person knows, from the beginning, that there are no less than 99 blue-eyed people on the island. How, then, is considering the 1 and 2-person cases relevant, if they can all rule them out immediately as possibilities?
  • Why do they have to wait 99 nights if, on the first 98 or so of these nights, they’re simply verifying something that they already know?

My Alternative Answer

It starts with one guy just standing up. Then another guy will stand beside him. Let’s say one has blue and one has brown eyes. They have now formed this row: B/B (Bold being blue and regular brown)

The third person will see the colors of these guys and he will place himself in the middle. It doesn’t matter which color his eyes are, but let’s say they are brown. Updated Row: B/B/B

If the two initial guys have both the same color, the third guy will just move to one of either side.

The fourth guy comes and he will place himself in the middle where blue and brown eyed are separated. His goal is to have one blue eyed and one brown eyed on each side. Let’s say he has blue eyes, which makes the row like this: B/B/B/B

The next guy will do the same and so on, until everyone is standing in the row, where the 100 men from the left are blue eyed and the 100 men on the right are brown eyed.

Now everyone will know their eye color, just by looking around, except the two guys in the middle. They don’t know where the distinction between blue and brown is. They will see only blue eyes in one direction and only brown in the other, but they can’t know their own color. But for the other 198 men, they can leave the island on day 1.

I submitted this answer to Randall (the creator of xkcd), but he claimed this answer was not valid because there was too much communication between the men :’(

Coherent Knowledge-based Operations (CKO)

I was introduced to CKO in the class Information Warfare at my university (NTNU). I couldn’t gather much information about it online, so I decided to share some notes about what my understanding of it is.
