0x27.me Home of the 0x27 Finger Discount

PureVPN - A Bunch of WTF


So I decided I’d take a look at PureVPN quickly today, because they are a VPN provider who claim no logs but snitch on their users to the feds and frankly, its a Thursday and I am bored. Sure, they snitched on a dude who was probably a shit human being and all, but really, if you are a VPN provider and you lie about having a “No Logs” policy… You are going to get whats coming.

On the supposed 'Cost' of IoT Botnets...


Note: The following article is intended to be highly tongue-in-cheek as it points out the glaringly obvious. I do not condone following any of the hypothetical “instructions” outlined in the thought experiment provided. This information is already known to the crooks out there who are doing nasty things to our internet, so its not like writing about it is going to do anyone any harm… The views expressed here are probably my own (on Tuesdays, at least) and do not represent the views of my cat,...

Practical Exploitation of the VPN 'PortFail' IP Leak against Torrent Users.


Today there was a critical vulnerability in various VPN providers disclosed by the Perfect Privacy VPN’s security team. This vulnerability can lead to “unmasking” or “decloaking” of VPN users under certain conditions, and after some analysis of how it works, I determined that this issue is of utmost importance to those who use VPN services to mask their bittorrent traffic from MAFIAA scum, as it can allow for ‘uncloaking’ of Bittorrent users quite readily.

Synthesis of p-Nitroacetanilide from Acetanilide


This is another lab report dug up from the archives of lab reports for the fun of it.

SSH Over SCTP (With Socat)


This is a quick post, kind of a reposting of a thing I pastebinned about a year ago that has served me REALLY well in evading stupid paywalls in airports and the likes. Also in evading a ridiculous firewall at the Uni I sometimes attend.

Looking back at the ElasticSearch 'Groovy' Remote Code Execution Vulnerability.


4 months ago… I was examining using ‘ElasticSearch’ as a logging mechanism for recording and searching data from a network of honeypots I run. Well, a mixture of ElasticSearch and Kibana, for logging Kippo and suchlike, when I stumbled across a posting on the “Wooyun Drops” Chinese security research blog detailing a vulnerability in the (at the time current) version of ElasticSearch.

Tracking down spies C&C infrastructure for shits and giggles


This is a quick post to splainz the methodology behind how we were able to make fingerprints for the Hacking Team and Equation Group C&C infrastructure allowing remote identification of their servers, as shown in The Italian Job and Equation Smasher releases on Github.