Filed Under

Articles on security. Discoveries, hacks, useful things I learned and things that amaze me.

Installing Hardware Backdoors In The Supply Chain

Bloomberg release a very detailed report on how Amazon discovered a hardware backdoor the size of a single grain of rice in servers manufactured by Elemental Technologies.

Read More

The game of DDOS attacks: Game over

The Netherlands was plagued by numerous DDOS attacks lately. The tax authorities, Bunq bank and many other banks and government agencies. The attacker was careless and left some traces and was even arrogant enough to seek contact with the sysadmin of Tweakers.net, one of the targeted sites.

Read More

Wordpress Plugins

Recently I was asked to give feedback on a new website. It uses Wordpress, but why? Why not? So I researched a bit and was able to give a well-founded answer. about the risk of having plug-ins installed.

Read More

The most used OS by far

Every modern Intel CPU has Intel’s Management Engine (ME) built in. You actually get another OS completely free with your CPU: MINIX.

Read More

Explore Universal Plug and Play

To me Universal Plug and Play (UPnP) alway was a mysterious protocol. When some cool program required an open port, UPnP made it happen. When some fancy program did not work, someone would ask me: “Did you enable UPnP”? Right, I forgot… I had no clue what magic UPnP did for me.

Read More

Editing with sed

At times I find myself in situations in which I can not rely on my favorite commandline text editor VIM. But of course editing files is a must. Writing my own non-interactive line editor actually did cross my mind, but hold on… What about my old time friend sed?!

Read More

Equifax hack

Equifax is a consumer credit reporting agency and last week it got hacked. Now the information of 143 milion US citizens, about 45% of the population, has been compromised by hackers. The hackers got access to names, birth dates, addresses but also social sercurity numbers and in some cases drivers license numbers. This is a really big thing! It got me thinking and I just had to write about it.

Read More

Lock picking in practice

Many years ago, I studied the art of picking locks. Not to do anything illegal, but just to learn about locks and how they work. Most importantly, open locks in a non-destructive way the manufacturer certainly did not intend to open. I bought a lock picking set and a practice lock. Over the years I collected some other locks, formerly used in real life. I finally got a chance to show off my skills.

Read More

Using netcat without -e

Recently in my OSCP course, I was struggeling a few hours to get a reversed shell connection. It was a FreeBSD box, not quite my expertise. Finally I came up with a simple solution using tail -f.

Read More