A little experiment

Thought about getting a nicer email signature earlier on, while adding the qr code image to my signature, the most natural thing to do was just to upload it to cubie and link it. Just realised that this could result in some interesting phenomenon. Basically, whenever someone opens the email, it ...

Compromised websites

Lately, I am beginning to see more communities that I belong to being hacked. It first started with SRL forums a couple of weeks ago. Its quite an irony since it is a hacking forum, albeit one targeted at game hacks. Fortunately, the admin team was very efficient and sent out an email to ...

Root access for android apps

Must say that I am quite surprised at the amount of unencrypted information available on the phone. The stock android browser stores saved password in plain text in a sqlite db at /data/data/com.android.browser/databases/webview.db . Yes, although other apps are unable to access the data ...

Key management

Over time I have gradually accumulated quite a number of keys. I have my PGP keys for my mail encryptions, my SSH keys, multiple VPN certs and keys for various services, my android keystore keys. Currently I just chuck it into a folder, storing everything in plain text, which is fine as long as ...

Spoofing NUS WPA2 and stealing credentials

Warning Content in this post is for educational purposes only, it may be illegal to carry out the exploit mentioned. The author is not responsible for any action taken against you if you carry it out. This exploit is possible because of configuration settings in PEAP where certificate ...

Hacking attempt on cubie

While looking through apache logs today, I found a few interesting entries. `123.45.678.9 - - [02/Jun/2013:17:42:10 +0800] "GET /sdk/../../../../../..//etc/vmware/hostd/vmInventory.xml HTTP/1.1" 404 1105` `123.45.678.9 - - [02/Jun/2013:17:42:11 +0800] "GET ...