Simple IPv4 and IPv6 HTTP Server

When doing hackthebox stuff I often use the SimpleHTTPServer module of python to download scripts and tools from my host system to the client.
Recently I needed an IPv6 http server because IPv4 was blocked. Since I didn’t find a simple way to host files via IPv6 I extent the SimpleHTTPServer module with IPv6 support. While I was at it I also implemented file upload via post.
The latest version can be found on my GitHub page
The current version as of this writing is listed below:


Updates to Apple II+ and Colecovision fpga cores

Just a short notice that the Apple II+ and the Colecovision fpga cores got some updates. Thanks to Till and gyurco who sent me pull requests. Head over to the official mist core page for download.

– Support for the MegaCart (ROMs up to 1MB) and SuperGameModule (32k RAM, AY-8910 sound chip) added

Thanks to gyurco.

Apple II+
– Apple II+: YPbPr support

Thanks to Till

JIS-CTF: VulnUpload Vulnhub Writeup

My first boot2root beginners challenge taken from here: JIS-CTF: VulnUpload from
First we start with a nmap scan:

Flag 1

The nmap scan already reveals a lot of information. The first flag can be found under the url http://[jordan vm]/flag:

The 1st flag is : {8734509128730458630012095}

Continue reading

An overcomplicated solution for cmd2 ctf at

When I got some free time I try to solve some beginners hacker ctfs. Recently I stumbled over cmd2 at and it took me some time to solve it. Later I realized that my earlier attempts would have been successful if I knew the difference between calling arguments with "..." or '...'. 🙂
For starters, when calling a binary with "$(...)" the code inside $(…) will be executed first and then the result will be the arg for the binary.
When a binary is called with '$(...)' the whole parameter will be seen as argument. With some help from youtube I used the following solution for cmd2:

./cmd2 '$(cs() { printf ${@}; }; cs "\57bin\57cat\40fl"; cs "ag";)'

An easier solution as seen here would be:

./cmd2 '$(echo "\57bin\57cat \57home\57cmd2\57f")lag'