Blog ✍️

🕰 7:00 What a nice morning! And it’s so great to be woken up by a high-pitched cry in the ear… Well, after giving my daughter her breakfast and doing all the neccessary hygine procedures for us both, I left her by my side on the development carpet, so that I could develop myself…

🛠 Environment and Tools: macOS Catalina 10.15.6 (19G2021) + pyenv 1.2.20 + Python 3.8.5 + Visual Code Version: 1.49.1, VBox Version 6.1.12 r139181 (Qt5.6.3) + Kali Linux + radare2 4.6.0-git 25077 @ linux-x86-64 git.4.4.0-749-g2a0d8fbe5

Moscow has again become Mordor-like, the Sun is starting to make its heat more official rather than genuine because it’s getting desperately cold.

Tools: Android Studio 4.0.1, built on June, 25, 2020 (Runtime version: 1.8.0_242-release-1644-b3-6222593 X86_64, VM: OpenJDK 64-bit Server VM by JetbBrains s.r.o.)

05:35 am 😪 Even though I went to sleep too late yesterday (due to my wushu 🧎🏽‍♀️practice and a bath I had to take to help my muscles overcome the shock of such an unusual physical activity after almoust a year of turning into a very pretty and round stump of a tree and covering with moss after several months of coronavirus-driven self-isolation), I couldn’t keep my eyes shut because I was so obsesed by and absorbed with the idea of my new project: Android Exploiter. So, I tried to fall asleep (just for appearance’s sake) for about 40 minutes, but since my husband has already gotten up and my little three-year old daughter as well, seemed no use to insist. So, I got up and was about to go to the kitchen, but was stuck by my laptop once again… Why this stupid application is not running? What am I doing wrong. 😡 That day I’ve hardly left the table…👩🏽‍💻

So I created some repulsive HTML pages with a crappy JavaScript🤮. I remember one of the first projects: a page with a binary converter🙌. Some time later, when I’ve found a job as a C# programmer, I’ve met the beauty of asp.net (http://asp.net/) and realized I don’t have to deal with php (which my soft mental constitution could not bear 👸) and that I don’t always have to write websites from scratch and what’s more, to develop the design for it myself… After I’ve started my career in InfoSec field, I’ve stumbled upon a task which I managed to solve with .net web engine and my beloved C#. But the site was as usual, not very pretty, to say the least… Actually, I’ve tried to copy VisualStudio styles and managed partly, but it was like a 5 year old trying to copy Tician. Almost.

*Ничего так, тепло.*

Где-то в тёмном-тёмном лесу, среди высоких старых деревьев, притаившись в кустах выжидают свою жертву хищники. И даже несмотря на то, что они могут быть не такими страшными, как товарищ из фильма, тем не менее могут принести немало проблем. Мало кто воспринимает интернет как “страшный и таинственный лес”, но тем не менее в какой-то степени так и есть. И хищники там тоже есть, и поверьте мне, они не такие милые как пушистое создание на картинке.

“Open me! I am a payment order! I am important, I swear!”, - some RTF-file was yelling. I wasn’t expecting any bills so this slyboots did not maim my poor little laptop. Phew ! Lucky me! But since this was a social engineering attack (not very crafty but still), someone less concerned with his or her safety could have opened it and cause him- or herself a lot of trouble. What I am trying to say (very inarticulately ) is that simply opening a small RTF document could result in absolute disaster for your machine! In this post I am telling the story how exactly does it happen…

Среда: VBox Version 5.2.12 r122591 (Qt5.6.2), Win7x64 SP1