Parsia's Den

Because no one wants to be the other guy from Wham!

Sep 2, 2014 - 1 minute read - Comments - Reverse Engineering

Fireeye's FLARE Challenge

It’s been a while. I know I should have updated more frequently but lazyness prevails. Anyway, I was busy doing Fireeye’s FlARE challenges for a month or so (it was depressing to see people finish in 10 hours :). You can find the challenges at http://flare-on.com. I learned a lot doing them. They will release solutions in 2 weeks. I am also working on a writeup which I will release then.

Jul 3, 2014 - 1 minute read - Comments - Crypto

Apple's Common Crypto Library Defaults to a Zero IV if One is not Provided

Today I was writing some guidelines about generating keys for mobile applications at work. While providing code examples in Java and Obj-C for AES encryption I happened to look at Apple’s Common Crypto library . While going through the source code for CommonCryptor.c, I noticed that IV is commented as /* optional initialization vector */. This makes sense because not all ciphers use IV and not all AES modes of operation (e.

Jun 25, 2014 - 2 minute read - Comments - Burp

Piping SSL/TLS Traffic from SoapUI to Burp

Recently I was trying to test a web service. The traffic was over SSL/TLS and everything was fine. As I am better with Burp than SoapUI, I wanted to use Burp as a proxy for SoapUI. This should be an easy matter. Burp will create a custom certificate (signed by its root CA) for each site and effectively Man-in-the-Middle the connection. But this time it was different, I was getting the dreaded Peer not Authenticated error.

May 25, 2014 - 2 minute read - Comments - Python

Pasting Shellcode in GDB using Python

A few days ago I was trying to write an exploit for a buffer overflow with GDB. This was a console application and pasting shellcode would mess with it. There are a few options: Writing shellcode to a file and then using it as input for GDB. # you can also include GDB commands like setting up breakpoints (e.g. b * 0xDEADBEEF) # remember to include a new line after each command $ python -c 'print "b * 0xDEADBEEF" + "\n" + "\x41"*1000 + "\n"' > input # $ perl -e for perl # start debugging with GDB # -q (quiet mode): no text at startup $ gdb executable1 -q (gdb) run < input After this you can manually debug in GDB.

Apr 22, 2014 - 1 minute read - Comments - Amazon S3 Not Security

Amazon S3 and CSS

After I deployed my blog to Amazon S3, I realized that there was no CSS applied to the pages. In Octopress, the look and feel of website is managed by stylesheets/screen.css. It was fine in rake preview but not on the S3 bucket. I looked around for a few hours to no avail. There was one other person who had the same issue on stackoverflow but no answers. Relevant xkcd:

Apr 20, 2014 - 1 minute read - Comments - Amazon S3 Not Security

Now hosted on Amazon S3

I moved my blog from Bluehost to Amazon S3. I have not used Cloudfront yet, I doubt my blog has any visitors to justify that. It was really easy to redirect everything to cryptogangsta.com. parsiya.net, www.parsiya.net and www.cryptogangsta.com should all point to cryptogangsta.com. I have decided (for n-th time) to start updating this blog. Hopefully I will do it this time, I have some ideas to keep this blog running ;).