Category Blog

back in the summer of 2016 I was eating an orange while working just to end up with a drop of orange liquid inside the keyboard of my beloved macbook.

I am very attached to this macbook since years, and this juice decided to ruin the worst possible key [SHIFT] in the mac, hence all I was able to write is capital letters, the booting won’t work because it MAC OS boots to safe-mode by default if the shift key is pressed on booting time. Even worse than this all was not able to login into my environments because the all my passwords were capitalized.

Back then I decided to override the [SHIFT] key using a software interupt, which worked greatly until I decided to replace the whole macbook keyboard. The process of replacing the keyboard wasn’t that complicated, what came next was 🙂

Upon bo...

Note: This post is part of the “20p Everyday” project.

I was fortunate enough to attend one of the best information security schools in the world. Yes that’s Royal Holloway University of London after a long academic journey, ups and downs of course..
I was even more fortunate to have the author of this book, Keith Martin, as one of my professor back in RHUL.
He taught me “Crypto 1”. I enjoyed his lecture very much. It was one of the most interesting lecture at times.

Personally I had some ideas about cryptology (the correct term btw.) since my computer security course I took with Fadi Aloul at the American University of Sharjah (AUS). I had an idea about
what is a public key what is a private key, and what’s PGP (pretty good privacy), thanks to Taha Landolsi and his course “Networks II” at...

We mentioned before how did we switch to SSL since 2017.

I want to add here how to set HSTS to prevent a wellknown SSL attack called SSL-Strip.

• What is SSL Strip?

You can watch the full talk to understand in details how this works here.
Basically the attacker is somehow (we don’t care how) a MITM setting in between the victim and the authentic server.
The attacker in this case can do a downgrade attack on SSL and transfer all HTTPs connection to the normal plain text HTTP connections.
Now the attack can simply sniff all data being communicated between the victim and the server.
The attacker is also free now to change the data and execute other attacks such as injecting malware into the traffic.

• What is HSTS

HSTS or HTTP Strict Transport Security allows web servers to declare that web b...

In case you haven’t noticed. I’ve gone HTTPS with a green lock now 🙂

I also rate a “A” with Qualys’s SSL lab test. Check it here.

There is no more excuse not to be encrypting your traffic using TLS. A service like letsencrypt.org makes it so easy to switch to https you can finish the whole process in few mints (if not seconds!) using their certbot tool.
A quick guide to certbot can be found on youtube. If it doesn’t work by default, you will need to go the manual way. I might write a guide here when I have the time for it.

Keep encrypting!

Part of my 2017 goals is to read more, and not to make the common mistake not to be specific about my goals, I decided to precisely set to read 20 pages per day.

|–+ [ Everyday Cryptography [done][review]
|–+ [ The Hacker Playbook: Practical Guide To Penetration Testing [current]
|–+ [ The Hacker Playbook 2: Practical Guide To Penetration Testing [next]

As part of any post exploitation in a security auditing or testing engagement you will want to gather as much info as you want about the victim to be able to target your next victim in the chain.

Having said that sometimes you stumble upon strange files, encrypted data, and network traffic that you don’t know what to do with it. One of these was an .sdf file related to hmailserver. The last is an open source mail server, you can read more about it here.

When gaining access to this server you will want to read this file:

A sample output would look something like this:

Recently I needed to move my file from my One Plus (yes – I’m back to iOS). For this move I needed to transfer my previous images / files from the android phone to my computer.

The only thing is each time I tried to use Android File Transfer, it stalls in the middle of the progress after copying few files. I thoguht ok, let’s go back to CLI, so ADB was an obvious backup plan; however the last did not sustain as well. The phone keeps disconnecting and I got frustrated with this buggy design of both. (@Google – Why is this OK?)

Turns out that CLI is indeed a life saver especially for a linux user like me. What I did is really simple and effective.

The idea:
Run scp in adb shell connect back to your mac / linux box (Windows users you will find a way too – SFTP server?)

The implementation:

While I was coding the ‘Twitter Short Handles Finder‘ I needed an efficient Alpha-Numeric Strings generator in Python. I coded this from scratch:

I was astonished by the fact that both Ooredoo and Vodafone the only telecom operators in Qatar still do not use HTTPS by default leaving user credentials to be easy targets for hackers.

To make a change I just pushed a Github commit to the famous HTTPS Everywhere Browsers Extension for both operators websites:

• Ooredoo.qa.xml
• Vodafone.qa.xml

You can also contribute to this project by adding rules and tweak the code on Github.

If you face a website with lot of checkboxes to check but they did not implement a ‘check all’ button. You can copy and past this code into your browser’s URL address:

Note that sometimes your browsers (Chrome in my case) scizes the ‘javascript:‘ part from such addresses. You need to type ‘Javascript:‘ manually