Decoding Balanced Payments Puzzle 1

A strange string appeared at the bottom of a Balanced Payments blog post: NmQ2ZjYzMmU3Mzc0NmU2NTZkNzk2MTcwNjQ2NTYzNm U2MTZjNjE2MjQwNjU2MzZlNjU3MjY1NjY2NjY5NjQ2MTY1N mI2MTZkNmY3NDc0NmU2MTc3Njk= One of those puzzles to attract coders I guess. The guys at Hacker News¬†spilled the beans, so lets spill them some more. First though,** Mad Props** to the Balanced team for thinking “outside” the unit-test-box. Plus Jenkins rocks. The world needs more Jenkins.¬†Bash? I’m not a developer, so my first instinct was to use the existing set of tools that people have already written to solve this puzzle:

Discrete Wavelets Final Project - Decaptcha,

This semester I took a class on Discrete Wavelets. It was awesome. The coolest part was our group final project. My group had the best topic by far: Decoding a Captcha! (Click on any of the following images to view them full size) [](/uploads/file_captcha.jpg) We’ve all seen Captchas before. They are used on websites to make sure that the person on the website is a real human, not a computer program.

PAP Solutions Hack

My girlfirend likes to do these puzzles called Pic-A-Pix from ConceptisPuzzles. They use a matrix of numbers to hint the puzzler to to filling in pixels to create pixel art. Sometimes there is color. Every week four new PAP’s are pushed out, and I’ve been told that the answers are somewhere on the website…. but that would be cheating. :) So I wrote my own program to decode these and make images using html tables.

Custom Arp Alerts II!

So I’ve found a better way to do what I did in the previous post. Instead of running a separate script to parse the arp alert logs, I have arp alert itself send the alerts! The key is this line in the arpalert.conf action on detect = "/etc/scripts/arp-alert" Its so simple, it just runs that script sending the information about the alert as certain arguments. With this I have more control over the formatting of arpalert messages:

Custom Arp-Alerts

So I was looking around, and I wanted some sort of tool to allow me to be more aware about what was happening in the lower “bowels” of the network that I’m on with my laptop. So what is it that I want… What I really want is some sort of mac-address based buddy list. One that would show my a list of the mac addresses talking on my network, and allow me to alias them.

DNS Cache Poisoning

Recently a DNS expert found a flaw in the way that DNS servers talk to other DNS servers to get records that allows interested parties (hackers) to insert their own records. If you need a primer: the Wikipedia link. Well… a DNS flaw is no fun without a tool to use it. So this guy “HD Moore” wrote a program (script) that takes advantage of this and makes it relatively easy for someone to use something called Metasploit to tinker with it.