The Fibonacci Sequence

In different languages

Bash #!/bin/bash function fibonacci { local n=$1 [[ $n == 0 ]] && echo $n && return [[ $n == 1 ]] && echo $n && return local x=$(fibonacci $((n - 1))) local y=$(fibonacci $((n - 2))) echo $((x + y)) } echo -e sh\\t$(fibonacci 14) C #include <stdio.h> unsigned int fibonacci(const unsigned int); int main() { printf("c\t%d\n", fibonacci(14)); return 0l; } unsigned int fibonacci(const unsigned int n) { return ( n < 2 ? [Read More]

Cyber security

Creating a Linux password hash Like you find in /etc/shadow. mkpasswd --method=sha-512 --salt=Kf0TqvhN Search tools Use different search engines Banner grab httrack inspy metagoofil intitle:“index of” Infosec websites https://www.webmaster-toolkit.com/ https://hackthissite.org https://www.shodan.io https://searchdns.netcraft.com https://www.exploit-db.com/searchsploit https://pipl.com/ https://haveibeenpwned.com https://wigle.net/ https://www.peekyou.com/ https://www.spokeo.com/ https://radaris.com/ https://piknu.com/ Cracking a KeePass2 master password with John the Ripper john <(keepass2john easy.kdbx) Considerations Language vulnerabilities Common cyber attacks Tor Crypto attacks - frequency analysis Data encryption standard AES advanced encryption standard Substitution permutation network Kali Linux Vulnerability research with reverse engineering, penetration testing and ethical hacking Low level Linux programming and/or comprehensive knowledge in operating system security and associated network/platform design, hardening and deployment. [Read More]

Decrypting TLS traffic

In Firefox

A Docker image that runs Chromium headless with SSLKEYLOGFILE set, opens an HTTPS page and dumps the decrypted TLS traffic to the terminal. Also runs in Play with Docker. Pull and run docker run --net host deanturpin/ssldump Dockerfile FROM kalilinux/kali-linux-docker RUN apt update RUN apt install -y chromium RUN apt install -y ssldump RUN apt install -y psmisc CMD \ # Kill the ssldump in the future or the container won't terminate ((sleep 10s && killall ssldump && cat ~/dump. [Read More]

Mobile frequency allocation

GSM 850⁄900 MHz 1.228 MHz = 3Mb/s Wireless 802.11n 40 MHz channel width 2.4 GHz 5 GHz https://en.wikipedia.org/wiki/List_of_WLAN_channels#/media/File:2.4_GHz_Wi-Fi_channels_(802.11b,g_WLAN).svg 2412, 2417, 2422, 2427 2432, 2437, 2442, 2447 2452, 2457, 2462, 2467 2472, 2484 UMTS (3G) 3GPP W-CDMA (wideband) 2100 MHz 5 MHz = 2Mb/s Each cell uses 1.8-12 kb/s U-NII 5.150 - 5.925 https://en.wikipedia.org/wiki/U-NII Bluetooth 2.4 to 2.485 GHz A computer chip selects the 79 channels of the ISM band automatically to prevent eavesdropping and interference with other equipment. [Read More]

Simple Python web server

To report browser headers

My work Firefox ESR browser seemed to be giving up my username (I.e., half of my login credentials) in its HTTP headers so I wrote simple Python-based webserver that mirrors the browser HTTP headers back to the browser. The script is encapsulated in a Docker image and could be deployed to an AWS instance. Here the server is started on common HTTP ports. docker run --rm -d -p 80:8080 deanturpin/http docker run --rm -d -p 443:8080 deanturpin/http docker run --rm -d -p 8080:8080 deanturpin/http Dockerfile FROM ubuntu RUN apt update --yes RUN apt install --yes python COPY . [Read More]

The federal preserve

Fermentation: the art of cooking without cooking

Salt All these recipes use a percentage of salt to allay the progression of pathogens in favour of the good bacteria. All measurements are by weight, so if 1.6% salt is required then 1000g of veg would need 16g of salt. But you should always taste the mix during preparation. 2% salt is the standard but I go down as far as 1.6% with sauerkraut and haven’t experienced much mould. [Read More]

Security through absurdity

It was recently suggested that I consider using “unusual [TCP] ports” at work as a security measure. After I got my breath back I found these quotes. Security experts have rejected this view as far back as 1851. Rogues are very keen in their profession, and know already much more than we can teach them. System security should not depend on the secrecy of the implementation or its components. [Read More]

Travis CI

Configuration for C++, Python, R, bash and Graphviz

Note: my use of Travis CI has been superseded by GitLab which has all this built in. In fact this blog is generated by GitLab. Create an account with your GitHub login and enable a repo to get started. (Travis Pro appears to enable new repos by default.) Simple C++11 compilations If you just want to get something building quickly the default Trusty build has clang 5 pre-installed, no need for complicated matrices. [Read More]

An open letter

To my 20-year-old developer self

Things I’ve learned in 20+ years as a software engineer. You need a work laptop Not only does this give you the option of working from home but in reality your brain doesn’t work 9-to-5. You can make a note of an idea for tomorrow but why not get it done there and then? If your employer gets two weeks of extra work out of you it’s already paid for itself. [Read More]

Resetting a forgotten Windows password

When you’ve misplaced the password to a local Windows account. Seen to work on Windows 2000, 7 and 10. Prerequisites: a 4GB USB stick and a machine capable of creating a USB boot disk (Ubuntu is good). Time to complete: half an hour to download Kali and create the stick and a few minutes to reset a password. Download the latest Kali Linux ISO and create a USB boot disk on another machine. [Read More]