17 minute read – posted on August 6, 2022 by Zack Orndorff
This year was Samurai’s third time playing Hack A Sat’s (HAS) quals round. The first time we played, we qualified for finals. Year 2, we didn’t qualify. So this year we were hoping to qualify again. I personally wasn’t super involved in the first year, and only a bit involved last year (I don’t think the weekends lined up super great for me), but I was interested to take a shot at it this year and hopefully qualify! Blazin’ Etudes was the third of a series of microblaze reversing challenges, released on the last day of the competition (Sunday).
16 minute read – posted on May 3, 2021 by Zack Orndorff
This weekend, Samurai played the DEF CON CTF Qualifier event. We had a great time playing; much thanks to the organizers for putting on a great event! Many thanks to my teammates, it was awesome playing with you all! One of the challenges this weekend was called baby-a-fallen-lap-ray. It was categorized as a pwn challenge, and it made a comment about being ‘the return of the parallel machine (or is it?)’.
9 minute read – posted on November 13, 2018 by Zack Orndorff
I had the opportunity to compete in the CSAW CTF Finals 2018 for a second year in a row, with the UMBC Cyber Dawgs. It was a lot of fun, despite our somewhat lackluster finish in 10th place. I learned a lot. For instance, in this challenge, I learned how to exploit a Use-After-Free vulnerability (in WebAssembly no doubt!).
4 minute read – posted on November 15, 2017 by Zack Orndorff
I recently had the opportunity to compete in the CSAW CTF Finals with the UMBC Cyber Dawgs. It was an amazing competition; the organizers were awesome and did a great job. We placed 7th in North America, by the way :) If you’ve never heard of CSAW before, it’s a huge student-run security conference/competition. We played in the CTF, or capture-the-flag competition. I would consider one of the best undergraduate-level CTF competitions. CSAW CTF is a jeopardy style competition in which you have a board of challenges, and you get points for solving them. You solve the challenge by hacking at it until it gives you a flag of the form flag{th1s_i5_a_f1@g}, which you enter into the scoreboard to receive points. Team with the most points wins.
4 minute read – posted on March 24, 2016 by Zack Orndorff
So if you’re here, you’re probably one of three types of people. Most likely is that I sent you here because you were wondering why the heck I mentioned this on social media. It’s also possible that you actually care about why I generated a GPG key. I happen to like my explanation, and I hope you do too :) Additionally, in the unlikely case that you just want my key, you can find it at the bottom of the post.
3 minute read – posted on March 18, 2016 by Zack Orndorff
So I wrote a blog post about my process of creating my March Madness bracket last year, so I figure this year I’ll revisit it and explain what I changed. (Note: I know this post is actually after March Madness started… but I’ve been busy. I did actually create the bracket before the games began.)
I used Coder’s Bracket again for a couple reasons. First, it was pretty cool last year, and I wanted to try it again.
6 minute read – posted on June 12, 2015 by Zack Orndorff
Recently I had the privilege of speaking as valedictorian at my graduation from Mount Airy Christian Academy. I had so many people ask me for a copy of it, that I decided to post it here. I hope this helps someone. (If you are from MACA, please email/message/whatever me if you want a copy of the video. I’m not publishing the link publicly here.)
As a final note to my class, I meant what I said.
3 minute read – posted on March 17, 2015 by Zack Orndorff
I’m just okay at picking basketball brackets. I usually finish somewhere in the upper third of the pack, IIRC. However, it’s interesting to enter a bracket and watch the results come in (I almost never watch the games), so I usually make a bracket. This year, I decided to use Coder’s Bracket to create my bracket.
9 minute read – posted on March 10, 2015 by Zack Orndorff
As I thought about setting up my website and email, I wanted to have a way to give out disposable email addresses. That way, I can give Widget Co an email address unique to them, and I can know if they sell my email because I will get emails from Sprockets Inc. at my address for Widget Co. In that case, I can trash all email sent to that address, eliminating that spam.