https://blog.zars.me/tags/system/Recent content in System on Tyler's BlogHugoen-us© AthulMon, 20 Nov 2023 12:13:32 +0530https://blog.zars.me/posts/kali-headless-setup/Mon, 20 Nov 2023 12:13:32 +0530https://blog.zars.me/posts/kali-headless-setup/Overview I wanted to be able to use an old Intel NUC for a headless Kali instance. I came into a lot of problems with Kali’s defualt TightVNCServer being a gray (grey?) screen and found the solution below to work perfectly. I enable autologin for headless operation to run my userspace application launching VNC but with the option to also SSH in assuming that doesn’t work. This solution will make the defualt desktop on our fake display adapter available over VNC.https://blog.zars.me/posts/elgato-key-light/Wed, 02 Aug 2023 12:13:32 +0530https://blog.zars.me/posts/elgato-key-light/Overview The Elgato Key Light Air has a hidden unprotected HTTP API running on the device at all times. This API lives behind port 9123 and allows for information GETting and PUTting. This allows anyone to get the current configuration of the light and update those values. The original source for the finding of this API can be found here. The JSON used for the GET/POST request looks like this:https://blog.zars.me/posts/heroctfv5/Mon, 15 May 2023 12:13:32 +0530https://blog.zars.me/posts/heroctfv5/Overview HeroCTF was my first solo team attempt at CTF’ing. It was a blast and huge props to the authors of the challenges. I had fun solving all the ones I did and had plenty of time to experiment with the ones I couldn’t. The CTF was hosted here: link. I’ll break down my solves below in no particular order. dev.corp 1/4 The famous company dev.corp was hack last week.. They don't understand because they have followed the security standards to avoid this kind of situation.