electronics Featured Taking over a Dead IoT Company 5 years after NYCTrainSign collapsed, I investigate why the company failed and end up writing an exploit to take over their fleet.
programming How to Save Your Wordle Scores This is a simple guide on copying your Wordle scores between devices.
hardware Pimp My Walmart PC TL;DR Reverse engineering HP's proprietary PSU so that we can make a cheap gaming PC with parts from Walmart and an old GPU I'm no environmentalist but I don't really throw away working computer parts. I use them until they break beyond any sense of repairability. You can call
ios Recalibrate the iOS Compass Have you ever opened Google Maps or even Apple Maps on your iPhone and found that the compass was pointing the wrong direction? You're looking one way up the block but the compass says you're pointing the opposite direction? Supposedly Apple put in a co-processor to keep the compass calibrated
python Featured Faster Python with Go shared objects (the easy way) There's no two ways about it, Python is slow. I felt this in particular when exploring how to sanitize potentially malicious HTML content in the CTFd [https://ctfd.io/] content editor. The two options for sanitizing/processing HTML in Python both have some tradeoffs: 1. Poorly but quickly parse HTML
python Encoding Non-Printable Bytes in Python 3 TL;DR bytes -> str: In []: b'\x90\x90\x90\x90'.decode('latin-1') Out[]: '\x90\x90\x90\x90' str -> bytes: In []: '\x90\x90\x90\x90'.encode('latin-1') Out[]: b'\x90\x90\x90\x90' But Why Tho Sometimes when you're programming or you're playing CTFs [https://majorleaguecyber.org/
modchips Making PlayStation 1 Modchips When I was young I owned a PlayStation 1 (PS1). It was one of the first, if not the first, game consoles I owned and it had a profound effect on my future. I can trace the history of how I got involved in computers back to playing and modding
networking Recording and Decrypting SSL Encrypted Traffic There comes a time in every engineer's life where it becomes necessary to decrypt SSL/TLS encrypted traffic. Whether it's debugging, security analysis, or just to have plaintext records of traffic, SSL can just get in the way. I recently needed to make a packet capture (pcap) of decrypted SSL
tech support Replacing Macbook Air Keys A friend of mine ran into a problem. The keys on her Macbook Air started randomly falling off the keyboard! Not only is this a problem, but it seemed to be spreading. Four keys had become loose and were randomly falling off while typing. This is the story of all
rfid RFID Hacking with The Proxmark 3 Radio-frequency identification (RFID) is a widely used technology for the tracking and identification of objects that have been "tagged" with small RFID tags. These tags often come in the shape of little keychains, cards, and stickers. They can be seen in many different kind of systems and are often relied
binary ninja Binary Ninja: IPython and the Python Console Binary Ninja is the new hotness in the reverse engineering world. It represents a new age of beautiful, programmatic reverse engineering. It's clear that if the IDA Disassembler is going to be the IDE of reversing, then Binary Ninja (or binja as most people call it) wants to be the
virtual machines Mech: Vagrant with VMWare Integration for free In a lot of ways, Vagrant is an exceptional way to use virtual machines (VMs). Terminal wizards rarely need a GUI to get something done and often times you really only need a simple sandbox to prototype something. Vagrant accomplishes this beautifully by wrapping configuration details in a Vagrantfile and
api keys API Keys, API Keys everywhere It's common knowledge that developers often leak sensitive information when they publish open source code. A single mistake can accidentally leak out enough information for an attacker to infiltrate a company and tear it down from the inside out or rack up huge bills in the name of mining bitcoin
rfid Reverse Engineering HID iClass Master Keys The HID iClass line of proximity cards and readers is a widely deployed RFID system that's been poked full of holes by security researchers. The system boasts a higher level of security through encryption and mutual authentication. But neither of these defenses mean much when the master authentication key used
image captions Adding image captions to Ghost For some reason Ghost doesn't support image captions by default. Lots of Jekyll themes and Medium both support image captions out of the box. Not sure what the reasoning is since it's fairly easy to use JavaScript to create the image captions and a modification to the Casper theme is
