The earliest memory I have of ‘programming’ is in the early/mid 90s when my father brought home a computer from work. We could play games on it … so of course I took the spreadsheet program he used (LOTUS 123, did I date myself with that?) and tried to modify it to print out a helpful message for him. It … halfway worked? At least I could undo it so he could get back to work…

After that, I picked up programming for real in QBASIC (I still have a few of those programs lying around), got my own (junky) Linux desktop from my cousin, tried to learn VBasic (without a Windows machine), and eventually made it to high school… In college, I studied computer science and mathematics, mostly programming in Java/.NET, although with a bit of everything in the mix. A few of my oldest programming posts on this blog are from that time.

After that, on to grad school! Originally, I was going to study computational linguistics, but that fell through. Then programming languages (the school’s specialty). And finally I ended up studying censorship and computer security. That’s about where I am today!

But really, I still have a habit of doing a little bit of everything. Whatever seems interesting at the time!

AoC 2023 Day 5: Growinator

Source: Day 5: If You Give A Seed A Fertilizer

Full solution for today (spoilers!)

Part 1

You are given a set of initial values (seeds) and a series of range maps (where a range of numbers src..src+len maps to dst..dst+len). Apply each range map in tur, return the lowest resulting value.

read more...


AoC 2023 Day 4: Scratchinator

Source: Day 4: Scratchcards

Full solution for today (spoilers!). Note: I did slightly change my solutions template after writing this blog post, so the final solution is structured slightly differently than the code in this post. The functionality itself hasn’t changed.

Part 1

Simulate scratchcards. Given a list of winning numbers and guessed numbers, count how many guessed numbers are in the winning list. Your score is 1, 2, 4, 8, … for 1, 2, 3, 4, … matching numbers.

read more...


AoC 2023 Day 3: Gearinator

Source: Day 3: Gear Ratios

Full solution for today (spoilers!). Note: I did slightly change my solutions template after writing this blog post, so the final solution is structured slightly differently than the code in this post. The functionality itself hasn’t changed.

Part 1

Take as input a 2D grid of numbers or symbols (. represents empty space). Numbers will be 1 or more digits written horizontally which should be concatenated (.467* is the number 467 followed by the symbol *).

Sum all numbers that are adjacent (including diagonally) to at least one symbol.

read more...


AoC 2023 Day 2: Playinator

Source: Day 2: Cube Conundrum

Full solution for today (spoilers!). Note: I did slightly change my solutions template after writing this blog post, so the final solution is structured slightly differently than the code in this post. The functionality itself hasn’t changed.

Part 1

Play a game where you have some number of red, green, and blue dice in a cup, which you draw and roll (without replacement). Which game is possible with only 12 red, 13 gree, and 14 blue cubes?

Input will look like: Game 1: 3 blue, 4 red; 1 red, 2 green, 6 blue; 2 green

read more...


AoC 2023 Day 1: Calibrationinator

Source: Day 1: Trebuchet?!

Full solution for today (spoilers!). Note: I did slightly change my solutions template after writing this blog post, so the final solution is structured slightly differently than the code in this post. The functionality itself hasn’t changed.

Part 1

Given a list of alphanumeric strings, find the first and last digit on each line (they may be the same). Concatenate each pair and sum them.

read more...


Advent of Code 2023

Another year, another Advent of Code.

Like last year, we’re doing Rust. I’ve really grown to love the language since last year… and hopefully I’ve learned a bit more about how to write more ‘proper’ Rust. I know I had some issues last year. Functional… but it could be better.

Let’s see how it goes!

For full solutions, as always, I post to GitHub (including previous years and possibly some I haven’t written up yet): jpverkamp/advent-of-code

read more...


Rebuilding Streams with TShark

Another quick post in a list of CTF techniques: filtering streams with tshark. tshark is the command line half of the packet capture tool Wireshark. The advantage here is it let’s you do all manner of filtering on the command line.

read more...


Mongo DB Data Exfiltration via Search Conditions

I recently participated in a security capture the flag (CTF) exercise through work. The goal was–in a wide variety of ways–to find a hidden string of the form flag{...} somewhere in the problem. Some required exploiting sample websites, some parsing various data formats or captures, some required reverse engineering code or binaries, and (new this year) some required messing with LLMs.

As I tend to do for just about everything, I ended up writing up my own experiences. I won’t share that, since it’s fairly tuned to the specific problems and thus 1) not interesting and 2) probably not mine to share, but I did want want to share a few interesting techniques I found/used. If it helps anyone either defend against similar attacks in the real world or (more importantly đŸ˜„) someone comes across this while trying to solve a CTF of their own, all the better.

Okay, first technique: extracting data from a MongoDB database using search conditions.

read more...