General – Life In Hex

Advent of Nerds

2024-12-272024-12-27 kao

For some weird and inexplicable reason, every year there are plenty of IT-related advent challenges.

Have you ever seen gardeners, baristas, graphic designers or any other creative profession making advent challenges glorifying their craft? I bet you haven't. Yet, there's an Advent of Code event every year and there are lesser-known events for most popular programming languages. Just to name a few - Advent of SQL, Advent of JavaScript, Advent of Rust and even Advent of No-Code.

This year I decided to try out few of these challenges during my Christmas holidays.

Please excuse the mess!

2024-07-022024-07-04 kao

I'm sorry. My hoster suddenly required me to migrate to a newer version of PHP. That severely broke my WordPress setup, including the old theme and syntax highlighting, and download buttons. I'm working hard to get it all working again.

Looks like I've resolved most of the issues. Have a great stay!

Flare-On 9 medal has arrived!

2023-12-29 kao

It's taken over a year but the medal for 2022 contest is finally in my hands. 🙂

This time organizers had to deal with some manufacturing issues (which took them a full year to resolve), and I had to deal with overly zealous customs and taxes office. They billed me around 20 eur in taxes and surcharges for a simple trinket. Un-fucking-believable!

Flare-On 8 prize has just arrived!

2022-02-04 kao

Last September Fireeye organized 8th edition of Flare-On reverse engineering challenge. And today I finally received my prize for completing all challenges. Hooray!

This year I did not make detailed writeups but I can wholeheartedly recommend writeups made by Washi - they are awesome! 🙂

Hacking resources for fun and no profit, part 1

2020-09-042020-09-05 kao

In this article I'll show how I made VMWare Workstation 15 awesome again using a little-known Resource Hacker feature called "scripting".

But first, a bit of background..

Upgrade of VMWare

People who know me know that I prefer stable, tried-and-true solutions. Be it my primary operating system, the tools I'm using or things I eat for breakfast. Once I know that something is good, I don't want to change it.

So, for a long time I was using VMWare Workstation 10. It just worked. But as the new versions of Windows came out, they started requiring hypervisor to support some specific features. Otherwise it just won't work. For example, to be able to install Windows 10 1803, you will need VMWare 14.x. To install Windows 10 1903, you will need VMWare 15.x.

And so, after a long time of holding out, I decided to upgrade.
Read More →

Stealing WordPress credentials

2020-06-042020-06-04 kao

Yesterday WordFence published a scary article titled "Large Scale Attack Campaign Targets Database Credentials". Article describes a recent mass-scanning attack of WordPress sites. The purpose of the attack was stealing WordPress configuration files - and therefore usernames/passwords of WordPress admins.

As with the XSS campaigns, almost all of the attacks are targeted at older vulnerabilities in outdated plugins or themes that allow files to be downloaded or exported. In this case the attackers are attempting to download wp-config.php, a file critical to all WordPress installations which contains database credentials and connection information, in addition to authentication unique keys and salts.

Since WordFence is in the business of selling "the best WordPress security", they have little intention to explain how these attacks really work.

Instead, they blatantly advertise their product as a remedy for everything:

All Wordfence users, including sites running the free version of Wordfence, and Wordfence Premium, are protected against these attacks.

That's really not helpful, so let me fix that. 🙂
Read More →

About the long silence

2020-04-082020-04-08 kao

Hello all!

It's been almost a year since my last post. I guess some explanation is in order. And it's actually very simple.

I got burned out.

I took on too much at once. My daily job. Personal life. This blog. Paid side projects. It was all fun until it wasn't. One night I finished my side project at 3AM, sent the finished code to the guy and went to sleep. Next day I just couldn't wake up and get to work. So, I said to myself, "It's alright, weekend is coming, I'll get some more sleep and everything will be fine again!"

It wasn't.

My brain still refused to work and I could barely function. I stopped answering my emails. Stopped managing the blog. Stopped pretty much everything. Whatever I did, it wasn't fun. And that's how I spent last year or so.

It's slowly getting better. Reversing stuff feels fun again. I might even write a proper blogpost or two in the near future. Who knows..

Now you know it. Take care and try not to end up like me!

Some articles that seemed useful to me:
https://piechowski.io/post/how-to-get-over-burnout/
https://www.mindtools.com/pages/article/recovering-from-burnout.htm
https://kierantie.com/a/burnout

My password is “password”

2019-04-212019-04-21 kao

Every once in a while someone writes a scary article telling us how the most frequent password still is "123456" and how very bad it is.

That's an utter load of crap.

I know a bit or two about computer security. Yet, my most commonly used password is "password". And that's not going to change anytime soon.

uBlock silently enables Acceptable Ads for everyone

2019-02-132019-02-22 kao

Few days ago I started seeing ads on ebay. Weird.. 😕 I blocked the ad manually and forgot about it. The next time I visited ebay, the ad was showing again. I blocked it again. Third time.. Yes, you guessed right, the ad was back. So, I started to investigate why my filter rule was not working.

Few minutes later, the culprit was found:

This rule disables all cosmetic filters for eBay. But where does it come from?

I went to examine my filter lists. And then I went into full WTF mode:

Why the fuck I have "Acceptable Ads" list enabled?
Read More →

Comment spam abuses Google Drive and bypasses Akismet

2019-01-052019-01-06 kao

Recently there were few spammy comments posted on the blog. I mean real, actual comment spam:

I'm using a simple captcha and Akismet - it filters out pretty much all of the spam. So, these 2 comments getting through the filters really caught my attention.
Read More →