script


Sep. 11, 2020

Decoding the hacker in 'C U Soon'

C U Soon is a recent Malayalam film released on Amazon Prime. The movie caught my attention especially because of the way they made this movie with minimal logistics during the COVID-19 lockdown, but still managed to justify the visuals to the narrative and the technicalities involved in the making. By far this is the only Malayalam movie which justifies the role of a cybersecurity professional a.k.a hacker character in the most believable and real manner.

Nov. 24, 2016

Understanding HTTP.sys Denial of Service (BSoD)

Introduction: A remote code execution vulnerability was announced by Microsoft in early 2015 and was found to be widely abused across the internet. Though it was announced that this security issue could let an unauthenticated remote attacker execute arbitrary code, I have not seen any working PoCs for RCE publicly disclosed. However, there are PoCs available to cause Denial of Service in the form of a BSoD on the affected systems. Microsoft released a patch, MS15-034, for this critical vulnerability in April 2015.

Dec. 29, 2011

Sha Bang Covert Action

Let’s think about logging. A smart hacker will always go for a covert mode of action. This requires knowing how logging happens on the target system, getting the privilege to access those files, and cleaning the entries. Now, considering the first step, a Linux system stores all sorts of logs in a default location, /var/log/. This location contains multiple log files, depending on the applications running on the system.