Hacking

Background: I work with one or more terminal command-line always opened and having to pick up my phone to generate an OTP breaks my flow; also it’s always nice to have an alternate source of multi-factor authentication if something bad happens, one day you could lose or break your trusty mobile device. Therefore I was looking for a way to login through Okta portals without a phone. You may argument that this defeats the whole meaning of MFA, but let’s say it’s only an hack for research and fun purpose … ...

I like playing with the D programming language and I wrote this little post to show how it’s easy to create a dynamic library (shared object, .so) that can be invoked in other programs; to have a little fun we will write a D replacement for the rand() C standard library function call. For your convenience, all the code is also on github Let’s start with the demo implementation, a C program that calls 10 times the stdlib function rand() to get a random number. ...

honey-ssh-pot Curious about who and how attempts ssh login to your home server ? Me too… So I wrote a very simple ssh honeypot, just to collect interesting info about the kind guys who knocks my door :) warning: this is safe, but don’t run the service (well, ANY service) as root user. Even better if you can run it as a dedicate unprivileged user. This program is only for didactic use and not intended for deployment in a production network environment. If you want to have it exposed on the public internet, you must map port 22 of your wan router to the internal server port ( 2222 by default)… Do it at your risk! ...

while working with image files, I needed a simple way to analyze content of a picture; so I wrote this tool that “walks” inside a PNG file and reports all the chunks seen; this is intended to be expanded with more features in a future. package main import ( "encoding/binary" "fmt" "io" "os" ) type chunk struct { Length uint32 ChunkType [4]byte } func main() { if len(os.Args) != 2 { fmt.Printf("Usage: %s filename.png\n", os.Args[0]) os.Exit(1) } f, err := os.Open(os.Args[1]) if err != nil { panic(err) } defer f.Close() header := make([]byte, 8) _, err = f.Read(header) fmt.Printf("header: %v\n", header) if err != nil { panic(err) } var data chunk var offset int64 offset = 8 for { err = binary.Read(f, binary.BigEndian, &data) if err != nil { if err == io.EOF { break } panic(err) } fmt.Printf("Offset: %d chunk len=%d, type: %s\n", offset, data.Length, string(data.ChunkType[:4])) f.Seek(int64(data.Length+4), io.SeekCurrent) offset += int64(data.Length) + 4 } } usage: ...