• Bubble
  • Bubble
  • Line

Vikings Stole my Flag - Radare2 Forensic Analysis

Andrei Clinciu Article AUthor
Andrei Clinciu
  • 2018-01-01T00:00:00Z
  • 5 min to read
Vikings Stole my Flag - Radare2 Forensic Analysis

This mini tutorial will show off Radare2's forensic analysis potential.
You can use radare2 as a digital forensic analysis tool on disks, files, websites, remote storage.. Etc
Radare2 has a great potential to become the swiss army knife of CTF contests.
Sure, there are many tools out there that can do what we want. But one tool do do it all? I don't think so.
I had created this CTF style image a while ago for a Windows 7 mini forensic contest.

JPG files are great. You can hide data in plain sight. You can embed archives or other files. You can even change bit sequences to add your data and encrypt it as if it's part of the image without being detected!

read more

Zenity GUI for Elixir

Andrei Clinciu Article AUthor
Andrei Clinciu
  • 2017-12-21T19:13:00Z
  • 2 min to read
Zenity GUI for Elixir

So I've recently switched to using Elixir as my main development platform.
One drawback of Elixir/Erlang is that it doesn't have any GUI(General User interface).

Yes, it's easy - even required - to use cowboy + plug or Phoenix to make a browser based (HTML, CSS and JavaScript) interface that works great across all devices.
But what when you want to interact with the user directly without the extra overhead?

read more

Net Neutrality in the USA and Europe - The importance of using a VPN or VPS SSH Proxy

Andrei Clinciu Article AUthor
Andrei Clinciu
  • 2017-12-16T00:09:00Z
  • 2 min to read
Net Neutrality in the USA and Europe - The importance of using a VPN or VPS SSH Proxy

On 15 December 2017 net neutrality was repealed in the US. Some say that this may end the open Internet as we know it. Europe won this battle in October 2016.

I will not explain what net neutrality is nor dive into the technical details of what could happen if the internet is not an open platform anymore.

Net Neutrality can be summed up as the protection and freedom of every citizen that uses the Internet to interact with any website, server or content that he wants to without being limited. Without Net Neutrality every IPS can limit your access and make you pay for accessing various websites. This is just crazy.

With the fall of net neutrality there will be a rise of censorship.

There is however one thing what people can do to escape from the censorship.

read more

osTicket not working certain things not loading nginx

Andrei Clinciu Article AUthor
Andrei Clinciu
  • 2017-12-13T20:48:00Z
  • 1 min to read
osTicket not working certain things not loading nginx

There is an  ajax issue while using using nginx with osTicket due to redirects.

Certain things will not load and if you look in your error log file you will see something like the following:

You should change /helpdesk/ to whatever subfolder you have the osTicket hosted to.
This will also solve problems in the scp but also in the normal working..

Add this to the server config
.... probably here you have other fastcti_params

set $path_info "";# Requests to /api/* need their PATH_INFO set, this does thatif ($request_uri ~ "^/helpdesk/api(/[^\\?]+)") {\tset $path_info $1;}# /api/*.* should be handled by /api/http.php if the requested file does not existlocation ~ ^/helpdesk/api/(tickets|tasks)(.*)$ {\ttry_files $uri $uri/ /helpdesk/api/http.php;}# /scp/ajax.php needs PATH_INFO too, possibly more files need it hence the .*\\.phpif ($request_uri ~ "^/helpdesk/scp/.*\\.php(/[^\\?]+)") {\tset $path_info $1;}if ($request_uri ~ "^/helpdesk/.*\\.php(/[^\\?]+)") {\tset $path_info $1;}    \tfastcgi_param  PATH_INFO    $path_info;# Make sure requests to /scp/ajax.php/some/path get handled by ajax.phplocation ~ ^/helpdesk/scp/ajax.php/(.*)$ {\ttry_files $uri $uri/ /helpdesk/scp/ajax.php;}    # Make sure requests to /ajax.php/some/path get handled by ajax.phplocation ~ ^/helpdesk/ajax.php/(.*)$ {\ttry_files $uri $uri/ /helpdesk/ajax.php;}

 

 

read more

The importance of continual education and information management at every step in life - Mass disinformation in the information era - Why we all need a proper education in statistics, economy and legislation

Andrei Clinciu Article AUthor
Andrei Clinciu
  • 2017-12-07T21:39:00Z
  • 2 min to read
The importance of continual education and information management at every step in life - Mass disinformation in the information era - Why we all need a proper education in statistics, economy and legislation

I've been wanting to write something else than about IT so I thought why not write about LIFE in general. This idea occurred to me multiple times even when I started writing and researching information about a book I wanted to write.

I always thought there are many places where you can inform yourself and there are already too many people who write about almost everything.

The main problem I found is that there are relatively FEW people who write about thinking in a way that thinking is an everyday action.

Gathering information, forming an opinion, understanding statistics.. these are all daily activities needed to succeed.. However as the years passed the sad realization is that most people never stop to think about something.

We all have opinions, though how much research do we do before we come to a certain idea?

read more

What note taking system I'm currently using - Zim

Andrei Clinciu Article AUthor
Andrei Clinciu
  • 2017-11-30T16:13:00Z
  • 2 min to read
What note taking system I'm currently using - Zim

How do YOU keep your notes information stored?

Well, at first everyone uses files, right? But what when you have thousands of them!

~ to 2009

So up untill 2009 all my note taking was done by using a custom software written in Tcl based on the HyperText Help System which I usually included with shipped apps.

What it did was actually use some form of HTML with Tk. At the same time i experimented with the wikit project A nifty thing itself.

It saved everything in 1 file so it was very convenient to backup.

read more

Learning Phoenix from Programming Phoenix 1.0 with 1.3 - What to do untill the new book comes out?

Andrei Clinciu Article AUthor
Andrei Clinciu
  • 2017-11-07T16:15:00Z
  • 1 min to read
Learning Phoenix from Programming Phoenix 1.0 with  1.3 - What to do untill the new book comes out?

This blog post might be usefull for people learning Phoenix 1.3 with the Programming Phoenix book.
There are many changes from the older phoenix version for which this book has been written and the yet not published newer book "Programming Phoenix 1.3" which should be here untill 2018.

Many changes have been implemented in Ecto, Elixir and also Phoenix so often I needed to go deep into the source and API documentation (which is useful because the learning curve is better).

If you also followed this, I recommend always searching on the following page if you have issues

https://pragprog.com/titles/phoenix/errata

The Models folder and the web folder have disappeared. The models folder can be replaced by creating folders and storing data for your "schemas", "models" elswhere .
The web has become <yourapp>_webNOTE:
Ecto validate_length does NOT verify if something is required, so it;s always best to do something like the following by including validate_required

struct|> cast(params, [:name, :username])|> validate_required([:name, :username])|> validate_length(:username, min: 3 ,max: 20)
 
 
This list of outdated examples might also help.
 
I intend to update this post once I restart reading the book alongside the official documentation for 1.3 so I get a better grasp on everything
read more

Using Secure hashing implementations in applications

Andrei Clinciu Article AUthor
Andrei Clinciu
  • 2017-06-10T20:53:00Z
  • 3 min to read
Using Secure hashing implementations in applications

Using secure hashing implementations is a must in today's ever changing cyberspace.
Even as a non-IT client it's important to know a little bit about how the software works around you.

This will make you more security conscious. Knowledge breeds wisdom.

What are hashes?

Hashes are algorithms (a mathematical way) to transform data into a unique "signature" value. They are used all around you:

  • Hardware uses small checksums when any communication occurs. Think about transferring data to your
  • Networking uses checksums and hashes for data integrity and verification.
  • Software uses hashes to store passwords and sensitive data so it's not plaintext.
  • Cryptography to make data secure

read more

Building Great Software
The digital Revolution begins when you learn to automate with personalized software.

Find me on social media