About This Blog.

Posted on 08 Jul 2019 by Aadi Bajpai

Last updated 02 Mar 2020 at 8:55 am
permalink
Pinned post

Hello

I'm not going to write anymore on my Medium (too much pay to play), and this is where new posts will be published.

I love this blog, although it is a relative pain to maintain, purely because of this retro vibe it has going on.

It is pretty formal as well, which is how I imagine myself writing (all hunched over a typewriter by candlelight lol).

The source code of this blog is at https://github.com/aadibajpai/blog. It is composed solely of linux utilities and I am a Windows pleb unfortunately. This meant configuring a lot of stuff to work with wsl and figuring out how to run the Windows Sublime Text program from inside wsl to create and edit posts like this one. Previously, I used to actually ssh into a linux server just to run the blog, that's how much I like it.

This also serves as a test blog post.

Lorem Ipsum or whatever.

import __hello__ # This should be inline code

Now, let's try a code block.

from __future__ import braces
import antigravity
# A few Python easter eggs and also an example of a code block

italics and bold

Thanks for visiting, stay to read a couple of posts :)

If you have something to say about this blog (appreciation appreciated, criticism appreciated even more not really) then please go ahead and contact me at [email protected]

WPICTF 2020 Writeup(s)

Posted on 20 Apr 2020 by Aadi Bajpai

Last updated 20 Apr 2020 at 7:13 pm
permalink

A couple of days ago, me and a couple of other GCI winners decided to participate in the WPI CTF out of quarantine boredness, we ended up finishing #14 which I think was pretty great since we were all just doing it for fun.

This is a writeup for the Luna steganography challenge, because that's the one I found the most interesting.

Luna

They say the full moon makes people go crazy... hopefully this stego won't have the same effect on you!

Luna

So as you see, we start off with a Luna.tar.xz file which on decompressing gives a Luna.tar file which on further unzipping gives a file named 1.png and a zipped folder with two password protected files—Just In Case.png and jut.

Clearly, we're supposed to start out with 1.png which in looks is nothing but an all white image.

1.png

I ran the stegoveritas tool on it to examine further and it printed a lot of metadata and exif info and carved out a couple of .zlib files. Interestingly, the metadata had 2 fields that stood out:

  1. StudyPhysician: awcIsALegendAndIHopeThisIsAStrongPasswordJackTheRipperBegone
  2. Description: oops, all #FFD2A4#

From the first, we have our password! The jut file seemed absolute gibberish while Just In Case.png was a screenshot from gimp.

Just In Case

Looking at jut from a hex editor, the first 3 characters were interesting: BPS

Upon googling, a .bps file is one used to patch ROMs on SNES emulators and stuff so I downloaded Flips, a patcher for BPS files.

I tried to patch jut on 1.png but welp, no dice.

Circling back, we hadn't yet used the 2nd line from metadata nor Just In Case.png so it has to do something with those.

Read the entire post

How To Google Code-in

Posted on 12 Jul 2019 by Aadi Bajpai

Last updated 27 Nov 2019 at 9:29 am
permalink

I originally wrote this way back in early 2018 but it's still valid today.

Googleplex - where the winners go

If you read this in time for Code-in 2019 and are aged between 13 to 17, you might be in luck, for this post might just help you out. It would’ve made it easier for me too, if this existed before I won. I list some pro tips that I feel would be useful in order to fully experience GCI.

The aim of the contest is to simply encourage young developers to get started with open-source. Interestingly, unlike other contests, not everyone participates in GCI to truly win. Yes, I hear you, the Grand Prize is an all expenses paid 4 days trip to fucking Googleplex and here you see me saying some people don’t really concentrate on that. It is true though, a participant can approach Code-in two ways-

  1. Quickly complete 3 noob tasks (including 2 beginner tasks) which guarantees you a Google Code-in t-shirt and call it quits. It’s that simple, you could do that in just a day.

  2. Work constantly through the 7 weeks and go all in hoping for the big prize.

Unsurprisingly, most people go with the first option. Google Code-in 2017 had 3555 students who completed 16468 tasks. That averages to a bit over 4 tasks per student. (I did 21 - and that’s just the tasks I could claim)

Let’s say you don’t want to settle for a t-shirt and are willing to focus on GCI neglecting sleep/studies/social life/whatever. In that case, read on, we’re jumping to the meat of it now. (I’m presuming you know the basics about the contest.)


You need to understand there’s no specific skill set that will help you win GCI, there’s no sure bet that being very proficient in insert language will make sure you win. That’s not how it works, which brings us to the first pro tip-

Read the entire post