Saturday, December 9, 2017

Vulnerability in Wickr: Bypassing Password on Android

Summary

I have reported this issue directly to Wickr on Sep 12th to the Wickr team. Within few hours, they escalated the ticket to the devs and confirmed my findings & that they're fixing it.

The bug has been fixed for a while now, and you're urged to make sure you have the latest version.

Vulnerability Description

I have enabled the auth option to require a password. However, as soon as I switch to another app, it requires a lock immediately.

To bypass the lock, first I open recent apps context menu in Android and select Wickr. The lock screen shows. Then, I click on a Wickr message notification from the notification drop menu. It immediately opens the message itself and if I click the back button, it opens the main chat list and I can browse other chats. No password needed.

I also noticed that if I click the notification first, it does ask for a password, so first Wickr has to be selected from the recent apps, then click on the notification.


Bonus

The Wickr team was super friendly and offered me some freebies: tshirts, a hoodie, and stickers. The app is free and open source, and I'm quite happy to have been able to give back to the community, so the bonus stuff made me feel extra special.

Big thumbs up the Wickr team for their extremely fast response and fix to the issue.

Wednesday, November 15, 2017

Blockchain & Crypto Currency Introduction Seminar

In collaboration with Sirdab Lab, I'll be talking about something that I should've since 2010: Crypto currencies.

The introduction's title is: 'Intro to Crypto Currencies: Blockchain, Bitcoin & Other Bits' on Monday December 4th, 2017 at 6 PM (1800).

The content will be suitable for newbies, traders, bankers, investors, law makers and the generally curious.



Sirdab Lab's location: Dasman Complex Ground floor, Jaber Al-Mubarak St, Sharq, Kuwait City. (Google Maps).

Update:
The session was recorded and the slides & audio were merged into a video that's available now online: https://www.youtube.com/watch?v=_Mu9_PcyJi0

The description has links to the slides and the raw mp3 file, for those who want to listen to the audio online. The slides have notes under each slide for added discussion and elaboration.

Link to the slides: https://goo.gl/bcZFmi
Link to the mp3 audio file: https://goo.gl/bHTRmC

Monday, February 29, 2016

Freeing Disk from VMware Virtual Flash Read Cache (vFRC)

I was toying with vFRC in my lab and when I was done, I deleted the volume from the vSphere web client, but the local flash disk had retained its GPT partition format and was still claimed as a VMFS volume. I was unable to use that disk for other applications.

Try deleting using the web client:
 
Select the host then go to Manage tab then select Storage option and from there choose the Storage Devices entry. Select the disk, then click on the gear icon and choose Erase Partitions. Make sure you selected the right disk because this will wipe everything.


Via CLI: To delete the disk partition, first enable SSH on the host, then login and list all disks:
 ls -l /vmfs/devices/disks/

Sample output:
ls -l /vmfs/devices/disks/
total 495867432
-rw-------    1 root     root     8004304896 Feb 29 08:45 mpx.vmhba32:C0:T0:L0
-rw-------    1 root     root       4161536 Feb 29 08:45 mpx.vmhba32:C0:T0:L0:1
-rw-------    1 root     root     262127616 Feb 29 08:45 mpx.vmhba32:C0:T0:L0:5
-rw-------    1 root     root     262127616 Feb 29 08:45 mpx.vmhba32:C0:T0:L0:6
-rw-------    1 root     root     115326976 Feb 29 08:45 mpx.vmhba32:C0:T0:L0:7
-rw-------    1 root     root     299876352 Feb 29 08:45 mpx.vmhba32:C0:T0:L0:8
-rw-------    1 root     root     2684354560 Feb 29 08:45 mpx.vmhba32:C0:T0:L0:9
-rw-------    1 root     root     128035676160 Feb 29 08:45 t10.ATA_____ADATA_SP600_____________________________7F1820011415________
-rw-------    1 root     root     128033579008 Feb 29 08:45 t10.ATA_____ADATA_SP600_____________________________7F1820011415________:1
-rw-------    1 root     root     120034123776 Feb 29 08:45 t10.ATA_____KINGSTON_SV300S37A120G__________________50026B7255068D61____
-rw-------    1 root     root     120032591872 Feb 29 08:45 t10.ATA_____KINGSTON_SV300S37A120G__________________50026B7255068D61____:1
lrwxrwxrwx    1 root     root            20 Feb 29 08:45 vml.0000000000766d68626133323a303a30 -> mpx.vmhba32:C0:T0:L0
lrwxrwxrwx    1 root     root            22 Feb 29 08:45 vml.0000000000766d68626133323a303a30:1 -> mpx.vmhba32:C0:T0:L0:1
lrwxrwxrwx    1 root     root            22 Feb 29 08:45 vml.0000000000766d68626133323a303a30:5 -> mpx.vmhba32:C0:T0:L0:5
lrwxrwxrwx    1 root     root            22 Feb 29 08:45 vml.0000000000766d68626133323a303a30:6 -> mpx.vmhba32:C0:T0:L0:6
lrwxrwxrwx    1 root     root            22 Feb 29 08:45 vml.0000000000766d68626133323a303a30:7 -> mpx.vmhba32:C0:T0:L0:7
lrwxrwxrwx    1 root     root            22 Feb 29 08:45 vml.0000000000766d68626133323a303a30:8 -> mpx.vmhba32:C0:T0:L0:8
lrwxrwxrwx    1 root     root            22 Feb 29 08:45 vml.0000000000766d68626133323a303a30:9 -> mpx.vmhba32:C0:T0:L0:9
lrwxrwxrwx    1 root     root            72 Feb 29 08:45 vml.010000000035303032364237323535303638443631202020204b494e475354 -> t10.ATA_____KINGSTON_SV300S37A120G______________                                   ____50026B7255068D61____
lrwxrwxrwx    1 root     root            74 Feb 29 08:45 vml.010000000035303032364237323535303638443631202020204b494e475354:1 -> t10.ATA_____KINGSTON_SV300S37A120G____________                                   ______50026B7255068D61____:1
lrwxrwxrwx    1 root     root            72 Feb 29 08:45 vml.01000000003746313832303031313431352020202020202020414441544120 -> t10.ATA_____ADATA_SP600_________________________                                   ____7F1820011415________
lrwxrwxrwx    1 root     root            74 Feb 29 08:45 vml.01000000003746313832303031313431352020202020202020414441544120:1 -> t10.ATA_____ADATA_SP600_______________________                                   ______7F1820011415________:1



Find your disk there, and then list its partitions:
partedUtil getptbl /vmfs/devices/disks/

Sample output:
 partedUtil getptbl /vmfs/devices/disks/vml.010000000035303032364237323535303638443631202020204b494e475354
gpt
14593 255 63 234441648
1 2048 234440703 AA31E02A400F11DB9590000C2911D1B8 vmfs 0


You can see above that there's one partition labeled as "vmfs" which we need to get rid of. The leading number (in blue) is the partition number.

To delete the partition:
partedUtil delete /vmfs/devices/disks/

Sample output:
partedUtil delete /vmfs/devices/disks/vml.010000000035303032364237323535303638443631202020204b494e475354 1

Done. Look in vSphere web client and it should now report 0 primary partitions on that disk and you're free to use it for something else.

Check the partition table:
partedUtil getptbl /vmfs/devices/disks/vml.010000000035303032364237323535303638443631202020204b494e475354
gpt
14593 255 63 234441648