Posts

JSFuck is a bad security barrier.

TL;DR JSFuck can be reversed with fair ease by pattern matching (or simply string matching). Check out the code section for the actual code.
You can jump to the solution section if you don't want the background details. Why in my sane mind would I do this? I was recently analysing some of JS obfuscation strategy used by the websites. The popular ones were minification, uglification, loading JS from encoded strings, etc. Mostly they were deployed to hide the APIs from being exploited outside of the sites. But upon careful inspection, almost all of the JS obfuscation gave away their APIs and the extracted knowledge could be used to write wrappers for those in any language of choice (although, using JS had the advantage to use their codes directly). Then I hit upon another strategy which made this task seemingly impossible. JSFuck.

All the APIs required some form of keys to be sent with each request which was verified on the server side. These keys were generated by some form of hash…

Testing the waters of Lisp

Image
Lately, I have been exploring Lisp, Common Lisp to be more exact and I have seen some of the stuff ways out of imagination. I am going to talk about two such feature here.

The next three paragraphs are giving the background of my relationship with programming languages and Lisp. Feel free to skip it and bite directly into the juice.

I can code in few languages and they belong to a wide range of paradigms. The first language I learned, in what can be said in depth was Java. I learnt it in my high school and later the deeper stuff in the first year of my college. I have also explored Ruby, Python, C, C++ and a few more languages. Having explored all these somehow made my perception of computer languages different. I could see the good points and bad points of all those languages and only opinion I had about languages are they are made of different kinds of stuff for different reasons and they are beautiful in themselves. And obviously, I either stayed out of language wars or supported …

My journey in the land of Operating Systems

A small lore: The legend has it that a Creature was wandering in a dark deep forest. One day, he was commanded by the Great Master to write a bootup code for a dummy kernel. Confused what it was and how to write it, he started reading up old scrolls and searching for ways to complete the task. His research made him realise that he needed to write something called a 'boot sector'. He came across many guides and books on Operating Systems, but they all started with the kernel using some other boot loader. Then he came across a magic scroll which showed him the right path, enlightening him on his way. Then he successfully finished the task.

That night when he was grazing the stars, he recalled that a long time back he had wandered onto a path that lead him to develop a small kernel. He remembered that he had to abandon the path because he took a wrong turn somewhere and was not able to find anyway ahead. Now having written a bootloader, he could now vaguely see the mistakes he ma…

Migrating from Gitolite with Redmine to Gitlab

Recently, SDSLabs, the campus tech group of IITR I am a member of, migrated from Gitolite with Redmine to Gitlab. I found the materials available on this matter is very less and mostly we had to invent our own wheel to move our repositories, issues, wikis and users to Gitlab. So I thought of writing a blog post, in case any one in future may need these steps and so that he may not have to reinvent the wheel.

Note: To follow the guide you need to first have an administrator account(i.e. its active browser cookie and private token) in Gitlab and need an Redmine administrator account key for Redmine REST API.

Important:All the scripts given are dependent on the base.py and the conf.py file of the original repo: https://github.com/sdslabs/redmine-to-gitlab. So to use it, clone the repo or tweak the script to be independent of them.

First comes the transfer of the repositories. Well this is the easiest part of the story! There is an official guide for this and a rake task. All you  have to …

My personal hostel wifi auto login

Well, as usual this is also about a solution to one of my problem!

At my hostel we were provided with a wifi that requires login. The problem is that this wifi logs you out every 30 mins. So every 30 min we were forced to fill in the login details, which was really distracting when you are in middle of some deep research or watching a youtube video! This sent me in search of a program which can help to automatically login into the wifi for us.
I got plenty of apps for mobile. My personal favorite is WiFi AfterConnect Web Login
But I was not able to get any such app for computers. So, I decided to write a program which will login into the wifi for us. My first intention was to develop it in a language which compiles to native binaries like c++. But upon research I found very good headless browser for Java, but failed to do so for others. The other language for which the solution was a easy one was c#, which I didn't know, nor, was in a situation to learn it.
After that, I though…

SMS Updates for IIT Roorkee News

Hi buddies!!

This time I am here with a new SMS solution. This is similar to the first one. This is for automatic SMS updates for the News Board at IIT Roorkee website. I found out that, although most of news come up on our internal online notice board, a few important ones come up on this board. Since news over here are not so frequent, no body, forget regularly, ever cares to check this board. So I thought of bringing up a automatic daily checker script, which checks up the notice board for new news and notifis by SMS on your mobile. Deploying this is almost similar to the first one.

At present I am just giving the links to script:
https://script.google.com/d/1lHaL-jAVOPTxRUFppwUNy0A3S5tuDMiQIIkyDBabTRRja48spUxiMUSN/edit?usp=sharing

Just follow the steps given on my first post to setup the calender and the triggers.
Once you are done, just sit back and relax, you will get all your notification on your mobile!!

If you like it do not forget to share this blog!!

Hospital Management System (my second full fledged program)

Blabbering... You can skip it Hi buddies ...

Sorry for no being able to post any blog for a long time. There were so many topics on which I wanted to post and so many newly gained knowledge that I wanted to share, but I was not able to gain the permission of long standing and ever persistent time. My new college, new friends, so many things to learn, so many things to know about and without forgetting, for my vested intrest in literature and cinematic, watching movie, tv shows and reading novels, kept me engaged throughout the half year! The one thing I realized that computer science is a vast domain and the is always so much to learn!!!

Well as the title goes here I am to talk about my second full fledged program. Ya, second, my first was a simple paint program, developed by me as an assignment for Xth ICSE Board exam. It is a sad thing that I am no longer in the possession of the source code or the final program, but proof of it is sill buried in the assignment records of my school.…