Categoría: English

A Simple Battle

It was supposed to be a battle of the utmost simplicity. It was just another one of the scenarios prepared for the maneuvers that the General had insisted on organizing to showcase the new technology and for the satisfaction of the high command.

It occupied four quadrants, a mountainous one to the west of an (abandoned, of course) city, a plain to the south with some wooded areas but without any places to hide. A perfect place to demonstrate how effective invisibility technology could be in combat. Anyone without such technology would be fortunate to take two steps without getting shredded.

Any enemy in the city would be watching the mountains from the watchtowers, while I could lead my armored unit through the southern plain without much concern.

Everything was going smoothly until we reached the middle of the plain, where any refuge was equally far away.

In a place like this, we could move quickly, and exposure wasn’t a problem. Only some state-of-the-art mines could pose a threat, and it wouldn’t have been worth it for anyone to mine that wasteland.

Suddenly, Boom! An explosion shook my vehicle. I quickly started requesting reports to find out what the heck had happened, but the radio was a mess, so I climbed out of the turret to get an idea of what had occurred. Tennessee’s tank, the Rolling Stone, was in flames, completely destroyed.

I quickly gave orders for the rest to disperse in an open formation while trying to get information from the command. Johnny was shouting that we needed to do something for them; he was young and unable to grasp that Tennessee and the others were already dead, and we would be soon if we didn’t do what we had to… «It must have had an engine failure!» Poor kid, despite peeking over my shoulder, he hadn’t noticed the rocket impact on the right side; that hadn’t been an accident.

– General, we have live fire, what the heck is going on?

– Brrt brrrrrt

– General Mason, this is Chameleon Leader. The Rolling Stone has been hit by what appears to be a ground missile with live ammunition. I request information and instructions. It’s like run through the jungle without vision of the enemy.

All my boys were racing as fast as their tank engines would go while the radio remained silent… Boom! That started everybody up.

– The Wild Side has fallen! – several reports said, this time more organized, over the radio.

I swallowed hard as my brain verbalized what I had to do. We were fortunate of stay alive yet.

– This is the commander, we’ve lost communication with command, and it’s clear that there’s some kind of enemy that can see us despite our invisibility. Switch to live fire and pound anything that moves out there. If any of you are near one of the wooded formations, abandon the tank and take cover; the rest activate White Rabbit mode, maybe they can’t see us or at least shoot us underground. Good luck, guys; I don’t know who we’re up against, but we’re at war, and it paints black.

TFI 002

The previous TFI Challenge was a bonus one. It means it’s not one of the basics that are linked by an explicit URL.

This second challenge can be found on a page where one of the main characters in this amazing story hacks a gun. Basic challenges are related to hacking actions or strategies developed by the group of hackers we’re following in the comic.

When you follow that URL, you’ll find a code to redeem, instructions to connect remotely to a console using netcat, and the source code of the script that manages that console.

The console gives you three options:

  • Activate the special mode of the gun
  • Get admin privileges
  • Exit

By reading the code, you can tell it was written by a rookie developer, because it includes the encrypted password and decodes it to compare it with the user input.

You should never do that. Storing passwords in code is wrong, and being able to decrypt a password is also a mistake — you should use non-reversible algorithms.

To solve this challenge, you just need to write a script or start an interactive Python session to decode the encrypted password the same way the original script does.

With that password, you can connect to the remote console and follow the instructions to catch the flag. Easy peasy.

See you in the next challenge.

TFI 001

First of all, go and read TFI 000 to understand what you are reading.

You can find the first challenge on the front page, so you can see it by looking for images on the Internet.

At the bottom right corner, you can see something that looks like a URL without letters.

If you have seen «characters» like those before, you know what it is. If not, you can try to describe them to ChatGPT or another LLM. If you do it well enough, you will get the answer.

It is an encoding typically used by some ancient groups (rabbis, Knights Templar…) that you can decode by drawing two tic-tac-toe boards and two big Xs.

If you translate the URL, you will go to a page that shows your reward code and a new challenge.

The new one is made of three images with lines of different colors: one red, one green, and one blue. If you know something about computers, you know that images are created with a combination of three colors: red, green, and blue.

You can solve this challenge using any image editing software that supports layers. You just have to stack the three images and adjust the transparency to see the combination of the three, which is a password that will give you a new redeem code.

This first challenge is really easy, but you need some previous knowledge about computers and cipher systems.

See you next week with a new challenge.

TFI 000

Today is Tuesday, so it’s a Tecno-day. However, I’m presenting you a comic that is not just a comic.

«The Future is ******» is what happens when a security company makes a comic just for lols.

It’s a comic created by Rekcahhacker» in a mirror), a project from Black Hills Information Security Company, after a Kickstarter campaign that funded the first issue of TFI: a 100-page book with a great story and lots of «games». Now there are at least 4 issues, and more are coming.

On its pages, you can find URLs and other tips that lead you to some «Capture the Flag» games. CTFs are tests that you can solve using coding, debugging, and other hacker skills.

You can also see a scoreboard hosted by MetaCTF, showing the scores of everyone playing those games, and access to a Discord server where you can ask for help.

In the next Tecno-days, I’ll explain some of the techniques used to solve those tests. But you’ll have to learn the basics and solve them on your own, because I’m not giving you the solutions.

Stay in touch.

3 links about email design

Email design differs from web design because the result is not going to be shown in a web browser. Your design is going to be shown in an app: a desktop app, a mobile app, or a web app (like gmail.com or outlook.com). For this reason, the user interaction is different and the elements of HTML and CSS that you can use in your design are not the same.

3 links about AARRR

AARRR, also known as The Pirate Metrics or The Pirate Framework, is the acronym for Acquisition, Activation, Retention, Referral, and Revenue. They are the simplest metrics that you have to consider in your funnel when going to build a business.

  • If you can read Spanish you could read my very own explanation about AARRR. There, you can also see Dave McClure’s speech (in English) who is the originator of this.
  • As they are simple metrics you don’t need a complex system to analyze them. You can use a single page canvas.
  • The theory is great but, how you can improve those metrics? There are several tools for each phase.

3 links about AI and music

Nowadays, there are a lot of different applications of AI models that can be applied to change any field. Look at music. It is a very «traditional» one where someone creates a song and someone plays a song using some devices to create sound. How AI can change that process?