I run a lot of lockpicking villages and such, and have a pretty big collection of locks, picks, and knowledge. A ton of people ask me how to get started, and unfortunately I don’t think there are any particularly good walkthroughs of how to get the basic stuff needed to start. Since Peterson just announced their winter sale, and I’ve had several requests to recommend lockpicking-based Christmas gifts, I figured this would be a good time to post some info!
Lots of the advice I see is around clear (acrylic) locks and progressive locks. I’m gonna be slightly controversial here by saying: clear and progressive locks are almost universally bad for learning or training - they’re badly made, unrealistic, have cheap parts, etc. They’re great for learning how locks work, but not for any serious practice.
In this post, I will talk about a few things: what are the first picks you should get, what are some good locks to practice on, and what are good resources to use for learning?
In BSidesSF CTF, calc.exe exploits you! (Author writeup of launchcode)
In addition to genius, whose writeup I already posted, my other favourite challenge I wrote for BSidesSF CTF was called launchcode. This will be my third and final writeup for BSidesSF CTF for 2019, but you can see all the challenges and solutions on our Github releases page.
This post will be more about how I developed this, since the solution is fairly straight forward once you know how it’s implemented.
Some crypto challenges: Author writeup from BSidesSF CTF
This is yet another author’s writeup for BSidesSF CTF challenges! This one will focus on three crypto challenges I wrote: mainframe, mixer, and decrypto!
BSidesSF CTF author writeup: genius
This is going to be an author’s writeup of the BSidesSF 2019 CTF challenge: genius!
genius is probably my favourite challenge from the year, and I’m thrilled that it was solved by 6 teams! It was inspired by a few other challenges I wrote in the past, including Nibbler. You can grab the sourcecode, solution, and everything needed to run it yourself on our Github release!
It is actually implemented as a pair of programs: loader and genius. I only provide the binaries to the players, so it’s up to the player to reverse engineer them. Fortunately, for this writeup, we’ll have source to reference as needed!