Git: Your branch is based on 'origin/branch', but the upstream is gone.

Since I've added remote branch on my local repository, and when I'm going to checking out a remote branch, I got an error/warning message like the title of this post above. After googling same keywords of the warning message, there was who asked on stackoverflow with the same error message like me.

$ git checkout apps-devel
Checking out files: 100% (208/208), done.
Switched to branch 'apps-devel'
Your branch is based on 'hsp/apps-Dev', but the upstream is gone.
  (use "git branch --unset-upstream" to fixup)

For your information, the original remote branch is hsp/apps-Dev and I've rename it to apps-devel. I try to pull a remote branch as well, and get another message like below:

$ git pull hsp
Your configuration specifies to merge with the ref 'refs/heads/apps-Dev'
from the remote, but no such ref was fetched.

So this is how to fix it.
First open the git config on your local repo (generally the location at .git/config). Here are my configs for the remote branch:

[branch "apps-devel"]
 remote = hsp
 merge = refs/heads/apps-Dev

and I change it to

[branch "apps-devel"]
 remote = hsp
 merge = refs/heads/apps-devel

Then let's checking it again

$ git pull hsp
Already up-to-date.

$ git status
On branch apps-devel
Your branch is up-to-date with 'hsp/apps-devel'.

nothing to commit, working tree clean

As you can see above, no more warning message again.

Happy Independence day Indonesia! 🇮🇩
Hiduplah Indonesia Raya 🇮🇩

Accessing windows file sharing in Linux

Well, my Dev team mate have a Linux server for build some projects, and they wanted to access their files from Linux by remote/konsole mode, in this case their files are on Windows. So, here are their files sharing on Windows system.
As you can see above, we will access on those folder Autogenerated and Resources. So, here's the step to make it accessible from Linux.
Installing a requirements packages

# apt-get install cifs-utils

After that then go to /etc/nsswitch.conf and edit it:

hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4

add "wins" on that line

hosts:  files mdns4_minimal [NOTFOUND=return] wins dns mdns4

If winbind is not installed on Linux system, please install it by this issue command:

# apt-get install libnss-winbind winbind

Now reload the network to take effect:

# service networking restart

Mounting drive
Backup the fstab configuration to avoid any mistaken in the future.

# cp /etc/fstab{,.old}

Now create a credential user files who will accessing the folder share files on current linux user.

# printf '%s\n' 'username=darm' 'password=******' > .smbuser

Next, we should know the UID and GID on the system. Run the following command

# id programmer
uid=1000(programmer) gid=1000(programmer) groups=1000(programmer),27(sudo),7001(wksadmin)

Create folder for mounting point.

# mkdir /media/prg
# mkdir /media/prg2

Then we open fstab file to start mounting point, and put this line on it.

//Workstation/AutoGenerated /media/prg cifs credentials=/home/programmer/.smbcredentials,iocharset=utf8,gid=1000,uid=1000,file_mode=0777,dir_mode=0777 0 0
//Workstation/Resources /media/prg2 cifs credentials=/home/programmer/.smbcredentials,iocharset=utf8,gid=1000,uid=1000,file_mode=0777,dir_mode=0777 0 0

Save your configuration, and reload the fstab

# mount -a

Now let's take a look the result. :D

[Write-up] FIT-Hack CTF 2017 - Forensic [150]

OK, langsung saja download flag.zip yang di berikan seperti diatas.

Sebelumnya, mari kita cek dahulu flagnya.

$ file flag.png 
flag.png: PNG image data, 960 x 5, 8-bit/color RGBA, non-interlaced

Bisa kita cek lebih dalam lagi file nya dengan binwalk.

$ binwalk flag.png 

DECIMAL       HEXADECIMAL     DESCRIPTION
--------------------------------------------------------------------------------
0             0x0             PNG image, 960 x 5, 8-bit/color RGBA, non-interlaced
253           0xFD            Zlib compressed data, default compression
330           0x14A           PNG image, 960 x 5, 8-bit/color RGBA, non-interlaced
392           0x188           Zlib compressed data, default compression
469           0x1D5           PNG image, 960 x 5, 8-bit/color RGBA, non-interlaced
---snip---
7514          0x1D5A          Zlib compressed data, default compression
8404          0x20D4          PNG image, 960 x 5, 8-bit/color RGBA, non-interlaced
8466          0x2112          Zlib compressed data, default compression
9249          0x2421          PNG image, 960 x 5, 8-bit/color RGBA, non-interlaced
9311          0x245F          Zlib compressed data, default compression

Setelah itu estrak file gambarnya menggunakan foremost.

$ foremost -v flag.png 
Foremost version 1.5.7 by Jesse Kornblum, Kris Kendall, and Nick Mikus
Audit File

Foremost started at Fri Apr 14 00:57:40 2017
Invocation: foremost -v flag.png 
Output directory: /home/darm/CTF/FITHACK/forensic/aw/output
Configuration file: /etc/foremost.conf
Processing: flag.png
|------------------------------------------------------------------
File: flag.png
Start: Fri Apr 14 00:57:40 2017
Length: 82 KB (84177 bytes)
 
Num  Name (bs=512)        Size  File Offset  Comment 

0: 00000000.png        330 B            0    (960 x 5)
1: 00000000_1.png        139 B          330    (960 x 5)
2: 00000000_2.png        139 B          469    (960 x 5)
3: 00000001.png        139 B          608    (960 x 5)
4: 00000001_1.png        139 B          747    (960 x 5)
5: 00000001_2.png        139 B          886    (960 x 5)
6: 00000002.png        139 B         1025    (960 x 5)
7: 00000002_1.png        139 B         1164    (960 x 5)
8: 00000002_2.png        139 B         1303    (960 x 5)
9: 00000002_3.png        139 B         1442    (960 x 5)
10: 00000003.png        254 B         1581    (960 x 5)
11: 00000003_1.png        357 B         1835    (960 x 5)
12: 00000004.png        516 B         2192    (960 x 5)
13: 00000005.png        603 B         2708    (960 x 5)
14: 00000006.png        657 B         3311    (960 x 5)
15: 00000007.png        764 B         3968    (960 x 5)
16: 00000009.png        932 B         4732    (960 x 5)
17: 00000011.png        895 B         5664    (960 x 5)
18: 00000012.png        893 B         6559    (960 x 5)
19: 00000014.png        952 B         7452    (960 x 5)
20: 00000016.png        845 B         8404    (960 x 5)
21: 00000018.png         1 KB         9249    (960 x 5)
22: 00000020.png        901 B        10328    (960 x 5)
23: 00000021.png        936 B        11229    (960 x 5)
24: 00000023.png        946 B        12165    (960 x 5)
25: 00000025.png         1 KB        13111    (960 x 5)
26: 00000027.png        795 B        14142    (960 x 5)
27: 00000029.png        927 B        14937    (960 x 5)
28: 00000030.png        976 B        15864    (960 x 5)
29: 00000032.png        726 B        16840    (960 x 5)
30: 00000034.png        895 B        17566    (960 x 5)
31: 00000036.png        983 B        18461    (960 x 5)
32: 00000037.png         1 KB        19444    (960 x 5)
33: 00000039.png       1019 B        20473    (960 x 5)
34: 00000041.png         1 KB        21492    (960 x 5)
35: 00000044.png         1 KB        22760    (960 x 5)
36: 00000047.png        975 B        24130    (960 x 5)
37: 00000049.png         1 KB        25105    (960 x 5)
38: 00000051.png         1 KB        26239    (960 x 5)
39: 00000053.png        954 B        27272    (960 x 5)
40: 00000055.png         1 KB        28226    (960 x 5)
41: 00000057.png         1 KB        29528    (960 x 5)
42: 00000060.png         1 KB        30765    (960 x 5)
43: 00000062.png         1 KB        32207    (960 x 5)
44: 00000065.png         1 KB        33520    (960 x 5)
45: 00000068.png         1 KB        34835    (960 x 5)
46: 00000070.png       1024 B        36058    (960 x 5)
47: 00000072.png        850 B        37082    (960 x 5)
48: 00000074.png         1 KB        37932    (960 x 5)
49: 00000076.png        844 B        39000    (960 x 5)
50: 00000077.png         1 KB        39844    (960 x 5)
51: 00000079.png         1 KB        40899    (960 x 5)
52: 00000081.png        965 B        41927    (960 x 5)
53: 00000083.png        901 B        42892    (960 x 5)
54: 00000085.png        879 B        43793    (960 x 5)
55: 00000087.png         1 KB        44672    (960 x 5)
56: 00000089.png        862 B        45871    (960 x 5)
57: 00000091.png        944 B        46733    (960 x 5)
58: 00000093.png         1 KB        47677    (960 x 5)
59: 00000095.png         1 KB        48788    (960 x 5)
60: 00000097.png         1 KB        50164    (960 x 5)
61: 00000100.png         1 KB        51236    (960 x 5)
62: 00000102.png         1 KB        52302    (960 x 5)
63: 00000104.png         1 KB        53454    (960 x 5)
64: 00000106.png         1 KB        54677    (960 x 5)
65: 00000109.png         1 KB        55882    (960 x 5)
66: 00000111.png         1 KB        57143    (960 x 5)
67: 00000113.png         1 KB        58175    (960 x 5)
68: 00000115.png         1 KB        59223    (960 x 5)
69: 00000117.png        997 B        60313    (960 x 5)
70: 00000119.png        931 B        61310    (960 x 5)
71: 00000121.png        882 B        62241    (960 x 5)
72: 00000123.png        939 B        63123    (960 x 5)
73: 00000125.png        858 B        64062    (960 x 5)
74: 00000126.png        854 B        64920    (960 x 5)
75: 00000128.png        943 B        65774    (960 x 5)
76: 00000130.png        885 B        66717    (960 x 5)
77: 00000132.png        881 B        67602    (960 x 5)
78: 00000133.png        996 B        68483    (960 x 5)
79: 00000135.png         1 KB        69479    (960 x 5)
80: 00000137.png         1 KB        70558    (960 x 5)
81: 00000139.png         1 KB        71664    (960 x 5)
82: 00000142.png         1 KB        72726    (960 x 5)
83: 00000144.png        863 B        73797    (960 x 5)
84: 00000145.png        976 B        74660    (960 x 5)
85: 00000147.png        790 B        75636    (960 x 5)
86: 00000149.png        713 B        76426    (960 x 5)
87: 00000150.png        689 B        77139    (960 x 5)
88: 00000152.png        732 B        77828    (960 x 5)
89: 00000153.png        566 B        78560    (960 x 5)
90: 00000154.png        554 B        79126    (960 x 5)
91: 00000155.png        472 B        79680    (960 x 5)
92: 00000156.png        402 B        80152    (960 x 5)
93: 00000157.png        307 B        80554    (960 x 5)
94: 00000157_1.png        357 B        80861    (960 x 5)
95: 00000158.png        435 B        81218    (960 x 5)
96: 00000159.png        403 B        81653    (960 x 5)
97: 00000160.png        432 B        82056    (960 x 5)
98: 00000161.png        290 B        82488    (960 x 5)
99: 00000161_1.png        287 B        82778    (960 x 5)
100: 00000162.png        139 B        83065    (960 x 5)
101: 00000162_1.png        139 B        83204    (960 x 5)
102: 00000162_2.png        139 B        83343    (960 x 5)
103: 00000163.png        139 B        83482    (960 x 5)
104: 00000163_1.png        139 B        83621    (960 x 5)
105: 00000163_2.png        139 B        83760    (960 x 5)
106: 00000163_3.png        139 B        83899    (960 x 5)
107: 00000164.png        139 B        84038    (960 x 5)
*|
Finish: Fri Apr 14 00:57:40 2017

108 FILES EXTRACTED
 
png:= 108
------------------------------------------------------------------

Foremost finished at Fri Apr 14 00:57:40 2017

Euw, ternyata banyak juga, ada 108 files yang berhasil di ekstrak.

$ cd output/
$ ls
audit.txt  png
$ cd png/
$ l
00000000_1.png  00000002.png    00000012.png  00000029.png  00000047.png  00000068.png  00000085.png  00000104.png  00000123.png  00000139.png  00000154.png    00000161.png
00000000_2.png  00000003_1.png  00000014.png  00000030.png  00000049.png  00000070.png  00000087.png  00000106.png  00000125.png  00000142.png  00000155.png    00000162_1.png
00000000.png    00000003.png    00000016.png  00000032.png  00000051.png  00000072.png  00000089.png  00000109.png  00000126.png  00000144.png  00000156.png    00000162_2.png
00000001_1.png  00000004.png    00000018.png  00000034.png  00000053.png  00000074.png  00000091.png  00000111.png  00000128.png  00000145.png  00000157_1.png  00000162.png
00000001_2.png  00000005.png    00000020.png  00000036.png  00000055.png  00000076.png  00000093.png  00000113.png  00000130.png  00000147.png  00000157.png    00000163_1.png
00000001.png    00000006.png    00000021.png  00000037.png  00000057.png  00000077.png  00000095.png  00000115.png  00000132.png  00000149.png  00000158.png    00000163_2.png
00000002_1.png  00000007.png    00000023.png  00000039.png  00000060.png  00000079.png  00000097.png  00000117.png  00000133.png  00000150.png  00000159.png    00000163_3.png
00000002_2.png  00000009.png    00000025.png  00000041.png  00000062.png  00000081.png  00000100.png  00000119.png  00000135.png  00000152.png  00000160.png    00000163.png
00000002_3.png  00000011.png    00000027.png  00000044.png  00000065.png  00000083.png  00000102.png  00000121.png  00000137.png  00000153.png  00000161_1.png  00000164.png

Setelah melihat gambar hasil dari ekstrakan diatas, kalau dilihat satu persatu isi gambar adalah potongan-potongan gambar yang tidak lain adalah Flag yang kita cari-cari. Terus gimana gabunginnya? Caranya cukup mudah, kita bisa menggunakan tool dari ImageMagick yaitu convert.

$ convert -append *.png out.png

Flag: FIT{6xgwxloxq79ew}

[Write-up] FIT-Hack CTF 2017 - Trivia

Soal yang diberikan yaitu Trivia, and here you go.

Trivia1 [10]

A bug found in bash causes arbitrary code to be executed remotely
Flag format: FIT{[Capital letters and no spaces]}

Flag: FIT{SHELLSHOCK}


Trivia2 [10]

A dog breed that exists in version 3.0 of SSL.
Flag format: FIT{[Capital letters and no spaces]}

Flag: FIT{POODLE}


Trivia3 [10]

VyOS 1.0.0 - 1.0.5
Flag format: FIT{[Capital letters and no spaces]}

Flag: FIT{HYDROGEN}


Trivia5 [10]

Nickname of SHA-1 collision attack done by Google and CWI.
Flag format: FIT{[Capital letters and no spaces]}

Flag: FIT{SHATTERED}

[Write-up] FIT-Hack CTF 2017 - Web [50]

Seperti yang terlihat pada challenge diatas, langsung saja kita akses pada link url https://look.problem.ctf.nw.fit.ac.jp, dan ternyata tidak ada apa-apa disana. Sesuai dari Hint yang diberikan "Look quickly", saya langsung cek response headers dari website tersebut.

Did you see the flag?

Yes, flag langsung muncul pada response headers yang terletak di set-cookie, tapi disitu terlihat ada URL encoding pada flag, dan gampang saja kita bisa melakukan decode flag melalui situs penyedia layanan URL decode seperti dibawah ini.

Flag: FIT{17_i5_n07_4_c00ki3_t0_3a7}