Thought about getting a nicer email signature earlier on, while adding the qr code image to my signature, the most natural thing to do was just to upload it to cubie and link it. Just realised that this could result in some interesting phenomenon. Basically, whenever someone opens the email, it ...

Must say that I am quite surprised at the amount of unencrypted information available on the phone. The stock android browser stores saved password in plain text in a sqlite db at /data/data/com.android.browser/databases/webview.db . Yes, although other apps are unable to access the data ...

Over time I have gradually accumulated quite a number of keys. I have my PGP keys for my mail encryptions, my SSH keys, multiple VPN certs and keys for various services, my android keystore keys. Currently I just chuck it into a folder, storing everything in plain text, which is fine as long as ...

Warning Content in this post is for educational purposes only, it may be illegal to carry out the exploit mentioned. The author is not responsible for any action taken against you if you carry it out. This exploit is possible because of configuration settings in PEAP where certificate ...

While looking through apache logs today, I found a few interesting entries. `123.45.678.9 - - [02/Jun/2013:17:42:10 +0800] "GET /sdk/../../../../../..//etc/vmware/hostd/vmInventory.xml HTTP/1.1" 404 1105` `123.45.678.9 - - [02/Jun/2013:17:42:11 +0800] "GET ...