Deep Dive Articles

The Best Way to Learn a New Programming Language from Scratch - How I Approach and Learn Any Programming Language Efficiently

Preface: The following article is based on my experiences and opinions on learning programming languages. I have been learning about computers in-depth and find learning languages with specific purposes useful. For example, Python was for beginning, C is for memory management and Rust is for learning to write memory-safe code in my case. This time, I started learning Golang which is known for its simple syntax and powerful performance, and widely known for its awesome concurrency.

Why More is Not Always Good in Terms of Software - Words on Cross Platform Utilities, Bash-ism, and POSIX Compliance.

Preface: This article is about my views on software compliance and cross-platform support, and reflects my opinions and experience with the subject. Your experience and opinions may vary, which I respect. What I am Specifically Talking About? I am going to talk about the issues caused by non-compliant software and why more features are not always good, especially in the case of the upgrade of tools on a single platform.

Why I Shifted From Arch Linux to Debian Linux?

Preface: The following article is based on my personal experience with Arch Linux and Debian Linux. While I appreciate both distributions for their unique strengths and different use cases, the information provided reflects my own opinions and experiences. Your experiences may vary. What was I going for Initially? Bit of my Story as a Beginner Linux User When I started using Linux, I was going through security stuff and learning computer security when I was in my High School.

Tmux is the Ultimate Choice for Power Users - An Awesome Terminal Multiplexer for Managing Persistent Sessions

What is Tmux? Tmux is a Terminal Multiplexer Application for Linux and MacOS for managing terminal sessions and Windows. It is to be mentioned that Tmux is not a terminal emulator, instead, it’s a terminal application, a binary that allows you to stay productive over your terminal. It doesn’t matter which terminal emulator you are using (although I recommend the Suckless Terminal). The functionality of managing Windows and the session doesn’t happen on the desktop GUI side but on the terminal session, you are working with.

The Concept of RSS Feed - A Reliable Way for Publishers and Subscribers Model

Preface: I have been looking for simple solutions in nearly everything related to computing. A lot of software designed these days is not designed per your requirements but as per companies’ profit. Hence, most of these solutions end up sucking your time and energy and need to be replaced by more optimised solutions that would boost your productivity in the right way. RSS Feed is something that I found after searching for solutions related to subscribing to websites or creators without sucking much resources and design that is reliable to the user itself.

Breaking RSA Encryption on Hardware Devices with Side Channel Power Analysis — Leaking the Private Key by Exploiting Square-Multiply Algorithm

Preface: This article is about leaking the private key from hardware devices that implement RSA encryption which is part of hardware hacking. The author is not responsible for any damage caused by the given information. It is recommended to be careful while performing these attacks as they can damage the hardware or even destroy it. All the information provided here is for educational purposes. There are no such prerequisites for understanding the theory, although knowledge about modular arithmetic, basics of encryption mathematics, basic electronics, etc.

Serious Reconnaissance with Unmanned Aerial Vehicles — Mapping Out Devices in an Area with Drones

Introduction: The following content is for educational purposes and for hackers living in basements knowing enough ethics. The author is not responsible for any damage caused by the knowledge provided here and does not support anything like that. It’s essential to check out the rules in the area of reconnaissance about the tactics provided here and the use of materials (unless and until there is any apocalypse and a solid recon is required).

The Fundamentals of Hardware Hacking — Breaking and Reverse Engineering Smart IoT Devices

Disclaimer — This is an introductory article about Hardware Hacking and Security of IoT Devices. None of the mentioned information or techniques are intended for any illegal purposes and the author is not responsible for any damage. It’s advisable to experiment on devices that you own or have explicit permission to do so. Rest of all, hardware hacking is fun! The Beauty of Electronic Devices In the ever-growing world of smart devices and the connectivity of things to the internet, life has become more convenient than ever.

Setting Up a Remote Git Server — A Simple and Concise Step-by-Step Guide to Host a Private Git Server

Preface: This is a concise and simple guide to hosting a remote git server. I have been researching this topic for a while and came up with the idea of writing an article with a step-by-step guide for hosting a private git server. Covering all the aspects of git is not possible in a single article, so it’s assumed that the reader has prior knowledge of git and version control.

The Nature of Linux Kernel Development — Difference Between Rules of Kernel Level and User-Space Application Level

Preface: This article is intended to explain a clear distinction between the core principles of Linux Kernel Development and User-Application Level Development. The provided information is based on my research on Kernel Development through various sources and I have tried to make it as accurate as possible. Efforts have been made to explain it as simply and concisely as possible. Introduction to the Nature of Linux Kernel Linux Kernel is the abstraction layer between the Operating System and the Hardware in the system.

Linux Process Scheduling — The Reason your Linux System Processes so Efficiently (Kernel Perspective)

Preface: I was going through the book “Linux Kernel Development” by Robert Love, one of the best books I have referred to for low-level stuff and understanding the workings of Linux. I study this book with intensity, simplify the concepts and write it down here so that the readers can get a straightforward description and all they need to know about the topic. Covering the whole Linux Process Scheduling is not possible and is not the goal of this article.

Linux Processes — A Kernel’s Perspective Explained with Clarity and Simplicity

Preface: I have been going through the book “Linux Kernel Development” by Robert Love which I highly recommend for understanding the Linux Kernel in depth. I decided to write this article to explain “Linux Processes” simply and concisely. The topic itself is broad and is not explained into the deepest of it, but essential for Linux Administrators, Developers and even Linux users to appreciate the beauty of the Kernel they make use of every day.

NGINX for Deploying Next.js Application on AWS EC2 with AWS ELB — Control and Stability of Deployments

I was looking for an article like this a few days ago, which I didn’t find at that time, so I did the deployment on my own and came up with this article to prevent other developers from saving those efforts and focusing on development. I am not explaining every single step and have provided links for references. I prefer manual deployment of applications over automated (and even serverless) methods. Although they are convenient and require less effort by the developers, they are bound to the providers and offer less control over the underlying system.

Configuring and Building the Linux Kernel — Absolute Guide to Compiling Your Kernel

Linux Kernel is an Open-Source Software and the user is free to modify and customise it as per the requirements. The modification of the Kernel requires a deep understanding of the working of the Kernel, although patches are available to make the Kernel optimised for specific hardware. Linux Kernel Source Code has various options to configure the drivers, modules, preferences on hardware options, etc. This part can be studied by the user and is pretty much easy to work with.

The Elegance of the Linux Kernel — A Concise History of Unix and the Creation of the Linux Kernel

Introduction and Context I was going through the book “Linux Kernel Development” by Robert Love, an absolute guide to getting started with Linux Kernel Development and a highly recommended book for understanding the core of the Linux Kernel. Linux Kernel has been one of the most important software ever written and is even considered one of the biggest projects ever undertaken by a single person. The idea of the Linux Kernel was initiated by Linus Torvalds, a student from the University of Helsinki and is maintained by him to date (while writing this article).

Linux Shell Scripting — A Suckless and Concise Guide to the Command-line of Linux

Prior Statements: This is a concise guide on the Linux Shell Scripting while consolidating all the facts about the Linux Shell for quick developer’s reference while using Linux. I am referencing the Bash (Bourne-Again Shell) which is the default shell for Linux-based systems. I will also be providing references and external links to dive into depth and not fill the article with too much explanation about a single topic which is not universally required by all the readers.

Suckless Utilities for Arch Linux — The Most Minimal Way Run a Computer

Suckless utilities have been my favourite at this time and kind of essentials for my use of the computer. I have been using Arch Linux for a fair amount of time now and I started using it with XFCE for few weeks. I would appreciate the XFCE desktop environment for it’s smoothness and light-weight nature with works really fine when newly shifting on Arch Linux. But then I learnt the suckless ecosystem and eventually shifted to it as my full-time environment.

Installing Pacman in Arch Linux — When You Blow it Up

Let me suckless and divide the article into two parts: My story how I blew up Pacman Package Manager How to reinstall the Pacman Package Manager If you only care about the second part, skip the first one. The Scenario — Blow it Up I was trying to install the pacman game from the Internet to get it running on my Arch Linux Terminal (I use Suckless Terminal BTW). When I got it installed and played it, it was super awesome.

Boot Process of Computers — A Learner’s Perspective Of Exploring the Depth of Computers

Prior Clarifications: Here, I will be providing a philosophical explanation about the bootloaders and understanding them in a simple and as minimal way as possible. This is not supposed to be a manual for bootloader or provide any advice for experimenting over your live system. It’s my journey to understand computers (one of the most complex creations of mankind) and I will be stating my thoughts. Take it with a pinch of salt.

Networking Fundamentals for Linux Administrators — A Suckless and Concise Explanation

Statistics are clear on the fact that 96.3% (while writing this article) of the servers use Linux as their Operating System which is no doubt what every other Linux user on this Earth expects. I believe that the Linux Administrator has to take the shot about the configuration of Networking in Linux Based Server. Some of the underlying concepts remain the same for any other distros but it is mainly intended for Linux.

Operating Systems and Low-Level Access to the Hardware — Why should you learn it?

Today, I completed the whole read of the book “Linux Kernel in a Nutshell” by Greg Kroah-Hartman and I highly recommend that you go through it if you want to understand how to build your custom configuration of Linux Kernel and all you need to know about all the nuts and bolts. It’s always great to have such handbooks around the desk. This blog is about why it’s so awesome to look into the operating system you are using with your hardware and why have a grasp on the Low-Level aspects of a computer.

Arch Linux Custom Builds — Freedom of the Operating System

While writing this blog, I was reading the book “Linux Kernel in a Nutshell” by Greg Kroab-Hartman and as far as the pages of the book are concerned, it seems to be a two-day read (this is a handbook so reading it once and having around the desk is super useful). By the way, the author has the book left open for download http://www.kroah.com/lkn/ so check that out if you want to follow up.

Bypassing the Linux Login to access the files (with Physical Access), even the root!

Imagine being away from the computer for a couple of minutes and getting to know that the system has been compromised and a backdoor has been installed into the system. “The system was locked?” doesn’t matter, without the bios security implementation (which most probably would not be implemented), all the files can be recovered without any login made to the Login Screen. This goes with the story of me trying to get my Wi-Fi troubleshooting in Arch Linux where I was trying to upgrade the Kernel of my System to get the Wi-Fi working properly (as mentioned in the previous blog.

Serious Reconnaissance with Unmanned Aerial Vehicles — Mapping Out Devices in an Area with Drones

Planted April 2, 2024

Introduction: The following content is for educational purposes and for hackers living in basements knowing enough ethics. The author is not responsible for any damage caused by the knowledge provided here and does not support anything like that. It’s essential to check out the rules in the area of reconnaissance about the tactics provided here and the use of materials (unless and until there is any apocalypse and a solid recon is required). Rest assured, using drones and hacking techniques is awesome!

Introduction

Drones or Unmanned Aerial Vehicles in general are awesome due to their reachability and control from long distances. Modern UAVs can carry a lot of payload within a long range of distance and are relatively inexpensive than ever before. Hence, any hacker in the basement with limited resources or a survivor of an apocalypse can build it anywhere. Combining these features with tools that can help map out devices around the area is an awesome way of doing a quick reconnaissance.

In this article, I am referring to drones as UAVs, especially FPV drones due to their speed and maneuverability as well as the capacity to carry payload. These are relatively inexpensive to build and can be built to have a long-range as per the requirements. Although, any UAV would work like a spy plane, etc. The fact that drones are stable and can be static in situations of halting the movement in one place can be particularly useful in some situations where the recon is taking time to execute. Since drones can fly at lower altitudes with higher degrees of control over a plane, and the type of equipment used by the hacker in the basement is inexpensive, proximity to the recon target is essential.

Modern cities have millions of devices at every corner of them. These devices continuously emit radio frequency of standard frequency with lots of data. This continuous emission of data can be used to fingerprint the device and find out the kind of activity happening at that particular location. For example, smart meters continuously emit radio frequency for communication over a large mesh of networks. Hence, knowing the emission can take you toward the power grid, mapping out all the meters all over the place. This article incorporates carrying out recon over the area with UAVs and mapping devices to monitor activities as well as advanced methods to recon specific devices with edge computing on the UAV as well as cloud integration.

What to Recon in your Area?

In a city or any area in general nowadays where the movement of people is present, there are devices along the way. These devices emit radio waves to communicate or even as part of their functionality. It’s surprising to watch the stats showing the emission of these radio frequencies all over space with the amount of information disclosure. Hence, capturing these radio frequencies and analyzing them would reveal a lot of information about the area.

Here, I am not considering a single portion of the spectrum of Radio Frequency but the whole range of standard frequencies at which devices communicate with each other and reveal their information. For example, Access Points like Wi-Fi routers emit packets showing their presence over the area, disclosing their MAC addresses. These packets can be captured over a large and a lot of information can be fetched by it. MAC addresses reveal information like its Vendor or even model numbers. Since these devices are in buildings and offices, direct recon would not have been possible. This can be considered as a leak of information outside the premises since radio waves have no boundaries over the walls.

This information can be used by malicious attackers to social engineer the targets by vendor names and exact model numbers of the devices. Further down the road, various protocols can be found in these devices which can be exploited by existing exploits, over the computers in the UAV can be helpful.

Mapping a Heat Map of Devices

Since UAVs are capable of flying for long ranges, the emission of Radio Waves can be captured and marked on maps. This includes tools like Software Defined Radio, for example, RTL-SDR, HackRF, etc. to be mounted on the UAV and connecting it to a small or single-board computer like a Raspberry Pi or Nvidia Jetson Nano. A software can be written to capture the data and mark the device on the map of the area for future reference. Also, data can be pushed into cloud servers if the Internet is accessible by the drone. Since the cloud has a lot of storage and is expandable, long recon projects can be carried out.

The technique and technology used here depend upon the resources. Real-time data processing while the UAV is flying is awesome and can fetch faster results but at the same time, the development of such a device takes considerable time as well as resources. Hence, data that is captured can just be logged and returned to the base for analysis.

Devices like Wi-Fi access points are very common. Hence, specialized equipment must be used in this case such as monitor mode Wi-Fi adapters with Single Board Computers. Since Wi-Fi access points disclose a lot of information, it needs to be treated separately.

Required Resources to Gather at Minimal Reconnaissance Project

The following are the resources required to do this at a minimal level:

  1. An FPV Drone with a Payload Capacity of more than 1 Kilograms
  2. Software Defined Radio Adapters like RTL-SDR
  3. Alfa Long Range Wifi adapter with 2.4GHz and 5GHz dual-band support with as many antennas as possible.
  4. Single Board Computer like a Raspberry Pi
  5. Storage Medium like a light-weight Portable SSD
  6. GPS device to find the location Having these many resources is sufficient for getting the recon project done. Again, a lot of things can be minimized and upgraded as per the required preferences.

And of course, having some drone skills would help a lot since FPV drones need a lot of practice to handle. A lot of equipment is installed on the drone, so no one wants to crash it and lose the material and data.

Advanced Attacks over the Sky

Since a whole computer is attached to the UAV, real-time attacks can be carried out on the way. For example, WiFi access Points have UPNP exposed, which sometimes is not only at the LAN but also WAN (it’s a misconfiguration done by vendors which has been seen as per my research on UPNP). Active recon can be done in this case to know the possibilities of using functions in UPNP to get port forwarding to recon internal devices in the LAN.

Over the flight, deauthentication attacks can be done to capture handshakes all over the area to crack it on the cloud servers or after getting back the drone with GPUs.

For this purpose, automated scripts need to be written that would be the attack done at the right time and the right location. More the effort, more the data can be retrieved from a particular location.

Nowadays, smartphones also emit a lot of Wifi packets for discovery. Hence, people density maps can be calculated and places can be known of people gathering over a location. This is usually used in supermarkets to find where people visit the most and improve the marketing things. This is done with the same Wifi adapters that monitor the area for these packets. For our project, this can be done with a hovering UAV marking the MAC address and devices at the location on the MAP.

Conclusion

It’s scary to think about the amount of information these devices can gather over the area. And availability of these devices these days is not difficult and is more inexpensive than ever. What I have written is just a scratch on the surface of the level of recon that can be done. For example, automating the drone flight and getting swarms of drones can get this thing done with high efficiency. If these drones are controlled by malicious attackers, it can cause a denial of service over the space and within the reachability of these UAVs.

Previously, a similar mechanism was used with cars called war-driving where these tools monitored the area and that vehicle was driven over the area. With these UAVs, it can be done from a remote location with much more area covered and cost-optimisation.