Go Is Amazing, So Here's What I Don't Like About It


After my last post, and given the kind of indirect advertising I’ve been doing for the Go programming language for a few months now, I heard about and talked with a lot of people who started being interested in the language. So for once I decided to write about what I don’t like about it instead, to provide a more balanced perspective on my experience so far and maybe let some of those people realize that Go is not the right choice for their projects after all.

NOTE 1

It’s important to say that some, if not most, of the things I’m about to write are purely subjective and related to my programming habits; they do not necessarily represent so-called “best practices” and should not be taken as such. Moreover, I’m still a Go noob, so some of the things I’m going to say might just be inaccurate or wrong, in which case feel free to correct me and teach me something new, please :D

NOTE 2

Before we start: I love this language and I already explained why I still consider it a better choice for several applications, but I’m not interested in an opinion war about Go vs Rust, or Go vs whatever … use what you think is best for what you have to do: if that’s Rust, go for it; if you think it’s binary code you send to the processor by using your nipples to inject faults into some data bus, go for it. In both cases, code and let code, life is too short for being a language hipster.


All Hail Bettercap 2.0, One Tool to Rule Them All.


It’s with immense pleasure that I announce the release of the second generation of bettercap, a complete reimplementation of the most complete and advanced Man-in-the-Middle attack framework. This release not only brings MITM attacks to the next level, but it aims to be the reference framework for network monitoring (we <3 blueteams too), 802.11, BLE attacks and more! :D


DIY Portable Secrets Manager With a Raspberry Pi Zero and ARC


For the last few days I’ve been working on a new project which I developed for very specific needs and reasons:

  1. I need to store my passwords, sensitive files, notes, etc. safely (encrypted).
  2. I need to access them from anywhere, with every possible device (desktop, mobile, terminal).
  3. I need those objects to be synchronized across all my devices.
  4. I don’t want to use “the cloud”.
  5. I don’t want to pay for a server.
  6. I don’t want to enable port forwarding and host it myself with DynDNS or the like.

So I wrote ARC.


This Is Not a Post About BLE, Introducing BLEAH


This is not a post about BLE, but rather on how to hack it … well, to be honest, BLE devices are usually very easy to hack, so it’s just a quick intro to it. I’ll also take the chance to open source one of the last tools I’ve made and that I kept private so far. I moved the features I thought to be dangerous (aka: auto fuzzing all the BLE things and bringing chaos) into a private fork which will stay private; however, it’s not that complicated to chain bleah with other tools (cough … radamsa … cough) and have lots of fun.

Oh and this is also because someone asked me for some intro on BLE, so yeah, his fault.

GPD Pocket 7: Impressions, GNU/Linux Installation and Offensive Setup


It’s no secret I’ve been recently playing with the GPD Pocket 7, an ultra small laptop which can run GNU/Linux and has more than decent hardware. Tablets are cool and everything, but I’ve been a fan of ultra portable Linux devices since the Sharp Zaurus series. Considering that a lot of people were interested I decided to write this post to share my impressions, installation procedure and configuration tips.


TerraMaster NAS TOS <= 3.0.30 Unauthenticated RCE as Root


Recently I bought a TerraMaster F2-420 NAS from Amazon in order to store my private code, backups and this kind of stuff. As soon as it arrived I started to play with its web interface, and eventually I wanted to see how it was implemented; moreover, I was curious to see if I could find any remotely exploitable vulnerability.

As you can see … I succeeded :)


Android Applications Reversing 101


Every day we see a bunch of new Android applications being published on the Google Play Store, from games, to utilities, to IoT device clients and so forth; almost every single aspect of our life can somehow be controlled with “an app”. We have smart houses, smart fitness devices and smart coffee machines … but is this stuff just smart, or is it secure as well? :)

Reversing an Android application can be a (relatively) easy and fun way to answer this question, which is why I decided to write this blog post, where I’ll try to explain the basics and give you some of my “tricks” to reverse this stuff faster and more effectively.

I’m not going to go very deep into technical details; you can learn for yourself how Android works, how the Dalvik VM works and so forth. This is going to be a very basic practical guide instead of a post full of theoretical stuff but no really useful content.

Let’s start! :)


Thoughts on WhatsApp E2E Encryption AKA Security Is Real Only if It's the Default.


Yesterday Tobias Boelter posted on his blog this article, which essentially highlights a message retransmission vulnerability in WhatsApp that makes it leak sensitive information if the recipient’s key changed, only alerting the user after the message has been sent.
The Guardian then picked up the info and posted the article “WhatsApp vulnerability allows snooping on encrypted messages“.

In a matter of hours, a shit load of experts (and unfortunately also a lot of people who are not experts at all) pointed their fingers at The Guardian, arguing that it’s not a backdoor and all other kinds of sterile polemics. At some point, Moxie from Open Whisper Systems, the nonprofit organization who made Signal, the only really secure messaging app we’re aware of, and the library that WhatsApp recently integrated in order to give E2E encrypted messaging to all of their users, published this on the blog: “There is no WhatsApp ‘backdoor’“, which seemed to have put the word END to this conversation.

I do not agree and, since a lot of ego is going on here, I’d like to share my thoughts as well.