Wednesday, July 28, 2010

Ubuntu Tweak

Finally got rid of the stupid pink login screen using Ubuntu Tweak. What a pain!

Thursday, July 15, 2010

Hacker skills in action

Have you ever needed to use your 1337 hacker skills in real life as a non-security professional?

I was once given the task of writing a Windows library to connect to a Juniper VPN system. All I was given was just the web interface of the system. A task that cannot be completed without reverse-engineering skills.

Some experiments with the system showed me that the VPN system wasn't too complicated. After the user authorizes himself via the login page, an ActiveX or Java applet will be launched, which will subsequently download and run a Windows application that is responsible for the VPN connection.

Authenticating via the login page programmatically to retrieve the cookie for the session was a trivial task. For downloading and running the Windows VPN application, with my 1337 Java skills, I decided that reverse-engineering the Java applet was the way to go. After decompiling the applet with Jad, all I needed to do was modifying the code to make it run in a "simulated" applet environment, and everything went on smoothly.