Idiocy

U.S. Nuke Silos Protected by Stupid All Zero Password


The title of this post says it all.

Please visit “For Nearly Two Decades the Nuclear Launch Code at all Minuteman Silos in the United States Was 00000000” for more details.

I just cannot be bothered to write more about it, I hope they change it. I hope the Russians didn’t do anything this stupid as well.


Alpha Networks Inc. Want to Backdoor Your Router


According to recent news posted on the Dev ttyS0 blog, a spin-off company of D-Link called Alpha Networks Inc. has embedded a backdoor in various D-Link and Planex firmware.

The blog post titled “Reverse-Engineering a D-Link Backdoor” does a great job of showing the step-by-step process the author took to find the backdoor. There are nice visual diagrams and code fragments too.

In a nutshell, the genius programmers at Alpha Networks Inc. wrote some programs or services that needed to change the router’s settings remotely. Knowing that the HTTP server on the device could do this, they thought to re-use its functionality. Yeah, 1 step forward, but it needs a password to log in, so they thought to add a routine to bypass the authentication check based on a static user-agent: 2 steps backwards, or rather 100 steps backwards into a pit of stupidity.

It’s bad enough that they had one or more programmers who thought of doing this; it is even worse when you see what the user-agent string is. Have a look:

xmlset_roodkcableoj28840ybtide

Now for the grand moment of where genius meets idiot, spell that backwards!

editby04882joelbackdoor_teslmx

Yeah, thanks “Joel”, and I bet 04882 must be your employee ID code or something else that might be personally or professionally related to you. Thanks for backdooring D-Link firmware. This was already found by Russian hackers in 2010, so who knows how long this might have been exploited for.

*** Update ***
Proof-of-concept code for a buffer overflow exploit has been posted on devttys0.com; check it out there.
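To check whether anything on your network has been sending that user-agent, here is a small log scan, added as an example and not taken from the Dev ttyS0 post or from D-Link. It assumes you have web traffic logged in Combined Log Format by a proxy or sensor in front of the router; the sample lines, addresses and paths are constructed.

```python
import re
from collections import defaultdict

# Static User-Agent quoted in the post; affected firmware skips authentication for it.
BACKDOOR_UA = "xmlset_roodkcableoj28840ybtide"

# Combined Log Format: ip ident user [time] "request" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

def find_backdoor_requests(lines):
    """Return {source_ip: [(time, request, status), ...]} for matching requests."""
    hits = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # not a Combined Log Format line
        # Exact comparison: the post describes a single static string.
        if m.group("ua").strip() == BACKDOOR_UA:
            hits[m.group("ip")].append(
                (m.group("time"), m.group("request"), int(m.group("status")))
            )
    return dict(hits)

# Constructed sample log lines (documentation-range addresses, made-up paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [14/Oct/2013:09:12:01 +0000] "GET /index.html HTTP/1.1" 401 512 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '203.0.113.7 - - [14/Oct/2013:09:13:44 +0000] "GET /settings.html HTTP/1.1" 200 4096 "-" "xmlset_roodkcableoj28840ybtide"',
    '203.0.113.7 - - [14/Oct/2013:09:13:50 +0000] "POST /apply.cgi HTTP/1.1" 200 128 "-" "xmlset_roodkcableoj28840ybtide"',
    '198.51.100.3 - - [14/Oct/2013:09:20:00 +0000] "GET / HTTP/1.1" 200 900 "-" "curl/7.30.0"',
]

if __name__ == "__main__":
    for ip, reqs in find_backdoor_requests(SAMPLE_LOG).items():
        for when, request, status in reqs:
            print(f"ALERT {ip} {when} {request!r} -> {status}")
```

A hit with a 2xx status on an administrative page is the case to chase first, since it means the request was served without credentials.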

WhatsApp? WhatsCryptography? WhatsEncryption? Answer is: I don’t know


And it happens again to WhatsApp, being further embarrassed by researchers showing that they do not know how to implement encryption correctly. Recently Help-Net Security published an article about a Dutch Computer Science and Mathematics student at Utrecht University, Thijs Alkemade, who has discovered how WhatsApp encrypts and authenticates its messages.

we know that not only does WhatsApp use the same (RC4) encryption key for the messages in both directions, but also the same HMAC key to authenticate messages.

The main problem being:

“But a MAC by itself is not enough to detect all forms of tampering: an attacker could drop specific messages, swap them or even transmit them back to the sender,”

He also points out that there is a simple solution, which is using TLS. So in conclusion:

  • All WhatsApp users are still not safe
  • Your messages can be sniffed out
  • Your message can be decrypted
  • Your only protection is to stop using WhatsApp
  • Wait for WhatsApp to learn how Encryption works so they can implement it correctly

I’ll end this post with a quote from Thijs Alkemade:

“solution that has been reviewed, updated and fixed for more than 15 years, like TLS.”
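To see why one shared RC4 key and one shared HMAC key are a problem, here is a small model, added as an example and not WhatsApp's or Thijs Alkemade's code. It compares that scheme with one that uses per-direction keys and a MAC over a sequence number, which are two of the things TLS does for you. HMAC-SHA256, the key derivation, the function names and the message texts are assumptions, and RC4 is kept only to mirror the post.

```python
import hashlib
import hmac

def rc4(key, data):
    """RC4 keystream XORed with data; the same call encrypts and decrypts."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i, j, out = 0, 0, bytearray()
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def weak_send(secret, pt):  # scheme from the post: one key for RC4 and HMAC, both ways
    ct = rc4(secret, pt)
    return ct, mac(secret, ct)

def weak_recv(secret, ct, tag):
    return rc4(secret, ct) if hmac.compare_digest(mac(secret, ct), tag) else None

def keys(secret, direction, seq):  # hypothetical derivation, per direction and message
    n = seq.to_bytes(8, "big")
    return mac(secret, b"enc|" + direction + n), mac(secret, b"mac|" + direction), n

def send(secret, direction, seq, pt):
    enc_key, mac_key, n = keys(secret, direction, seq)
    ct = rc4(enc_key, pt)
    return ct, mac(mac_key, n + ct)  # the MAC covers the sequence number

def recv(secret, direction, expected_seq, ct, tag):
    enc_key, mac_key, n = keys(secret, direction, expected_seq)
    ok = hmac.compare_digest(mac(mac_key, n + ct), tag)
    return rc4(enc_key, ct) if ok else None  # None: reflected, reordered or altered

SECRET = b"constructed session secret"  # constructed sample values
C2S, S2C = b"client: pay bob 100", b"server: balance 2500"

def demo():
    (c1, t1), (c2, _) = weak_send(SECRET, C2S), weak_send(SECRET, S2C)
    leak = bytes(a ^ b for a, b in zip(c1, c2)) == bytes(a ^ b for a, b in zip(C2S, S2C))
    ct, tag = send(SECRET, b"c2s", 0, C2S)
    return (leak, weak_recv(SECRET, c1, t1),
            recv(SECRET, b"s2c", 0, ct, tag), recv(SECRET, b"c2s", 0, ct, tag))
```

`demo()` returns four results: the keystream cancels out of the two weak ciphertexts, the weak receiver accepts a message handed back to its sender, the direction-aware receiver rejects that same reflection, and the intended recipient still decrypts it.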

Zaid Rabab’a Biggest Plagiarizer on Bayt.com


So I have an account on Bayt.com which claims to be

the leading job site in the Gulf and Middle East, connecting job seekers with employers looking to hire. Every day, thousands of new job vacancies are listed on the award-winning platform from the region’s top employers.

Rightfully so, it has a large database of job listings and some nice and useful statistics that you can browse through. So when I log in they recommend me to go to their “specialties” page where people get to ask questions and give answers. Also people’s questions and answers can be given ratings, kind of similar to how stackoverflow works. So then I see this guy who goes by the name of “Zaid Rabab’a” who seems to answer a lot of people’s questions. Like a wide variety of questions too. I thought it was kind of odd, I always do; I am very cynical.

So I did something quite silly, I selected the text of his answer and pasted it into google. Boom! I found a website with the exact same answer. Weird… it’s like they both came up with exactly the same words, punctuations, slang and terminology for the same answer whose question was asked months maybe years apart. That or he just plain out copied someone else’s answer.

I felt annoyed at first and then I felt sad. I reviewed a list of this guy’s answers to questions and they’re all (90%) copy/pasted or just outright plagiarized from other websites. I compiled a list of the pages where he answers and the corresponding website where the answer has been copied from. I could have gotten more but it was just getting too sad for me.

Zaid Rabab’a Answer: http://www.bayt.com/en/specialties/question/1124/?feed=answers
Plagiarized from: http://stackoverflow.com/questions/10558465/memcache-vs-redis

Zaid Rabab’a Answer: http://www.bayt.com/en/specialties/question/1109/?feed=answers
Plagiarized from: http://php.net/manual/en/function.htmlspecialchars.php

Zaid Rabab’a Answer: http://www.bayt.com/en/specialties/question/716/?feed=answers
Plagiarized from: http://www.dotnetfunda.com/interview/exam2575-what-is-the-difference-between-custommasterurl-masterurl.aspx

Zaid Rabab’a Answer: http://www.bayt.com/en/specialties/question/1038/?feed=answers
Plagiarized from: http://javarevisited.blogspot.com/2010/10/why-string-is-immutable-in-java.html

Zaid Rabab’a Answer: http://www.bayt.com/en/specialties/question/1022/?feed=answers
Plagiarized from: http://stackoverflow.com/questions/8964523/how-do-i-protect-my-website-from-sql-injections

Zaid Rabab’a Answer: http://www.bayt.com/en/specialties/question/686/?feed=answers
Plagiarized from: https://en.wikipedia.org/wiki/Connection_string

Zaid Rabab’a Answer: http://www.bayt.com/en/specialties/question/999/?feed=answers
Plagiarized from: http://www.coolinterview.com/interview/44235/
http://techpreparation.com/php-interview-questions-answers1.htm

Zaid Rabab’a Answer: http://www.bayt.com/en/specialties/question/998/?feed=answers
Plagiarized from: http://www.w3schools.in/php-tutorial/interview-questions/

Zaid Rabab’a Answer: http://www.bayt.com/en/specialties/question/997/?feed=answers
Plagiarized from: http://dev.fyicenter.com/faq/php/Get-Uploaded-File-Information.html

Zaid Rabab’a Answer: http://www.bayt.com/en/specialties/question/996/?feed=answers
Plagiarized from: http://www.netsqlinterviewquestions.com/Php_Interview_Questions/364_what-is-meant-by-urlencode-and-urldecode.aspx?TopicID=21

Zaid Rabab’a Answer: http://www.bayt.com/en/specialties/question/961/?feed=answers
Plagiarized from: http://programmers.stackexchange.com/questions/186324/which-http-status-codes-are-really-ok

Zaid Rabab’a Answer: http://www.bayt.com/en/specialties/question/937/?feed=answers
Plagiarized from: http://www.c-sharpcorner.com/Interviews/answer/5653/what-is-use-of-app_code-folder-in-Asp-Net-application

Zaid Rabab’a Answer: http://www.bayt.com/en/specialties/question/151/?feed=answers
Plagiarized from: https://httpd.apache.org/docs/2.2/mod/worker.html

I sent bayt.com some feedback on this just to realize the person in question works for bayt.com hahaha (would not be surprised if those links mysteriously disappear too). Seriously, I would not hire or work with such a person who inflates their status in such a way and does not give credit where it’s due.

iOS6 HTTP POST Blunder


It usually is quite amazing when someone upgrades their iPhone to a new OS and suddenly things stop working. By "things" I mean web-applications and by "not working" I mean they literally stop working.

This affected me and my work. Suddenly people who visit one of my web-applications cannot use it properly. They seemed to only be able to send HTTP POSTs but not receive. Weird, then we see the issue completely exploded on stackoverflow which is a good thing because it means it’s not you that fu**ed up this time 🙂 it’s an SEP.

Trick Samsung Device to Hard Reset


There seems to be a vulnerability in TouchWiz, Samsung’s touch interface. It appears that the "tel" type in the "<a>" tag will not prompt you for confirmation if the number being dialed is a system command.

For instance, because we love humor and the misfortune of others, we have this HTML page:

<html>
   <head></head>
   <body>
      <a href='tel:*2767*3855%23'>Click here for customer support</a>
   </body>
</html>

When our dear friend on their Samsung device clicks the link, they will hard-reset their phone with no confirmation. It seems that it will only prompt you if the number is one that will cost you $$$ for making a call.

WARNING – Feeling adventurous and want to try it out on yourself? Do it at your own risk, it will erase all data on your phone and revert it to factory settings.

Some crazy iPhone fanboi is offering up the link for all to click on 🙂

***** UPDATE *****
The H-Online reported that there is a new app on Google Play that will intercept and prevent hard-resets from the above exploit. The app is called NoTelUrl, developed by Jörg Voss.
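If your own site renders links that other people submit, the same problem can be caught server-side. The audit below is an added example, not NoTelUrl's code: it flags any `tel:` href that is not a plain phone number once percent-decoding has been applied. The allow-list, the function names and the sample page are assumptions, and the harmless `*#06#` code stands in for a device code.

```python
from html.parser import HTMLParser
from urllib.parse import unquote

# Characters a plain phone number may contain; '*' and '#' are deliberately absent.
ALLOWED = set("+0123456789-.() ")

def tel_href_is_safe(href):
    """True for non-tel links and for tel: links that are plain phone numbers."""
    scheme, sep, rest = href.strip().partition(":")
    if not sep or scheme.lower() != "tel":
        return True
    number = rest.split(";", 1)[0]   # drop parameters such as ;ext=
    # A raw '#' would start a URL fragment, so codes arrive as %23: decode first.
    # Anything still containing '%' after one decode fails the allow-list too.
    number = unquote(number)
    return bool(number) and set(number) <= ALLOWED

class TelLinkAuditor(HTMLParser):
    """Collects href values of <a> tags whose tel: target is not a plain number."""
    def __init__(self):
        super().__init__()
        self.rejected = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            for name, value in attrs:
                if name == "href" and value and not tel_href_is_safe(value):
                    self.rejected.append(value)

def audit_html(html):
    auditor = TelLinkAuditor()
    auditor.feed(html)
    return auditor.rejected

# Constructed sample page.
SAMPLE = """<a href="tel:+1-202-555-0123">Call us</a>
<a href='tel:*%2306%23'>Customer support</a>
<a href="TEL:%2a%2306%23">Help</a>
<a href="https://example.com/">Site</a>"""

if __name__ == "__main__":
    print(audit_html(SAMPLE))
```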