As a teaching assistant for a handful of cybersecurity classes at Iowa State, I’ve had the opportunity to create content that is used in labs and projects. One of the best parts of the job is devising malicious machines and nefarious networks that the students have to break into or secure, and I decided to do something new for part of the final project this semester: give them a box to secure where the shell they’re interacting with is constantly harassing them. I love my job.
Last week, I had the wonderful opportunity to give a presentation to Iowa State’s Information Assurance Student Group (IASG). Months ago, when I was meeting with the other IASG cabinet members to decide what we’d all present on, I floated the idea that I could present on physical security. After all, it’s something that I’m very interested in, I enjoy exposing other people to this information, and it’s something that just does not come up in our university’s security curriculum. I was given the green light to talk about physical security, though of course that’s like signing up to give a presentation on “math” or “computers”. It’s a big world, and I wasn’t sure what I wanted to focus on. In the end, I decided not to focus on anything for the whole talk, instead running through a handful of topics, concepts, and tools that I personally think are really cool. My hope was to just get a few members of the audience interested enough that they’d go home and research some more of these cool ideas on their own, and based off of the feedback I’ve received since giving the talk I’d say I was successful.
As a longtime member of the Information Assurance Student Group (IASG) at Iowa State, I’ve made it a goal to solve all of the CTF puzzlers created by the cabinet for club members to solve (shoutout to Nic Losby for making these puzzlers for the club). After receiving the blessing of the cabinet to publish these answers, I wrote up my thought processes and solutions to all of the puzzlers published throughout the fall of 2018. Be warned: while I did eventually solve all of the puzzles, I definitely am not an authority on CTFs, as you’ll doubtless realize when you see my convoluted and inefficient thought processes. That being said, I had a lot of fun solving these, and I definitely recommend that you try them on your own before reading my solutions. Without any further ado:
I decided it’d be nice to have a few photos from the DEF CON 26 Social Engineering Capture The Flag up on my site, so without any further ado:
(Author’s note: throughout this post, I’m going to speak somewhat vaguely about what information I found and where, and I will never say exactly what company I targeted.)
Hello, world. This is the start of Jack Potter’s blog/portfolio/domain squatting venture. This post might be removed once I get my act together and start pushing up real content, but I like the idea of my first post always being a “Hello, world” message.