#!Coding Pedantics
…and opinions you didn't ask for
Oracle Reports: My First CVE

In 2018, I had some downtime between work projects, so I waded into the world of bug bounty programs. I learned that I'm not a great bounty hunter: I only found 3 payable bugs after investing a lot of bug hunting time. On the upside, I found a bug in Oracle Reports that eventually turned into... my first CVE credit!

Cracking A "Signed" Cookie

During some downtime for the holidays, I have been looking into some public bug bounty programs. One of these programs brought me across an interesting SQLi vulnerability: a value is obtained from a cookie and used in a dynamic SQL query without sanitizing. This would be trivial to exploit but for one thing: the contents of the cookie are protected from tampering by a simple "signature". This post explores whether the signature can be cracked with John The Ripper.

Evil Maid vs. Linux FDE

I have been using Full Disk Encryption (FDE) on all my devices for about 5 years now. In the first few years, I had learned that FDE was a robust defense against physical access. Then one day I stumbled across Evil Maid, a threat model where an adversary has physical access for only a brief time. This threat model has deep implications for FDE and physical security in general, but it is relatively obscure: it doesn't even have a Wikipedia page! In this post, I develop a very simple Evil Maid proof-of-concept (POC) against the default FDE configuration in Lubuntu 16.04.

OSCP Review

The most popular posts on my blog have been my harsh reviews of the CISSP and CEH certifications. You might just think that I don't like certifications in general, and I probably would have agreed with you before I signed up for PWK/OSCP. Today, I'm going to tell you about my experience working through this unusual infosec certification.

Reflected XSS In DesignCrowd.com

In July 2014, I found an obvious reflected XSS vulnerability in DesignCrowd. In the interest of responsible disclosure, I submitted a report to the company at that time, and I can't remember if I ever heard back. This draft post has been collecting dust ever since, so I'm finally publishing it today.

Cracking JXcore… Again

In a previous article, I investigated the security claims of a product called JXcore. That has turned out to be one of the most popular (of the relatively few) articles on my blog. Not long after I posted it, I was informed that JXcore had fixed the security flaws that I pointed out. Taking them at their word, I updated that article with a note about this claim, but I never actually investigated the claim to see if it is true.

Cracking JXcore

Recently, a co-worker was trying to figure out how to protect a node.js project from reverse engineering and modification. Of course, programmers have spent decades trying to figure out ways to allow an end user to run a program without letting the end user reverse engineer or modify the program, and I've never heard of anybody successfully doing it. At best, the program is still insecure and the developers have only managed to piss off their high-paying customers.

So naturally, my skepti-larm was blaring when my coworker sent me the link for JXcore.

CEH Review

About a year ago, I posted my thoughts on the CISSP certification. I recently took the CEH certification, and so I'm taking a few minutes to reflect on this certification as well.

CISSP Review

The CISSP has become one of the hottest certifications to have (especially in the DC area) because of the growing budget for information security. But the CISSP exam itself has some major flaws, leading me to wonder if this is a valuable certification for individuals, companies, or society at large. (Disclaimer: I am a CISSP.)