Hi. I'm Carter.

I'm a student of life and an engineer.

Sign up to receive posts regularly via email.

    I won't send you spam. Unsubscribe at any time.

    Migration from G Suite legacy free edition

    According to Google, “the G Suite legacy free edition will no longer be available starting May 1, 2022.” Therefore, I shut down my account and documented the process for you. Read this post for guidance on how to do the same.

    There were multiple aspects to migrating away from G Suite legacy free edition. These included:

    1. Getting a copy of all my data
    2. Migrating over to a new email provider
    3. Preparing Google Drive shared files/folders
    4. Shutting down the G Suite account
    5. Signing up for regular Google accounts
    6. Locking down the new Google accounts

    Preface

    I’m only covering things I had to do. Your situation will likely be different. Your G Suite account may use other Google services such as:

    Cloud Gaming Rig

    Overview

    My gaming rig died. Gaming rigs can be expensive ($1000-$4000 on average, depending on how much you’re willing to spend). So I spun up a GPU instance on AWS to test how Doom 2016 played as a proof of concept. After the first 5-10 minutes of letting the hard drive warm up, it was buttery smooth. This led me to investigate the overall costs of using AWS for my PC gaming rather than buying a new rig.

    Lessons Learned While Making a Cryptocurrency Trading Bot

    overview

    This post goes into my journey of making a cryptocurrency trading bot on AWS. The core code for this project is not and will not be published (though I do share lots of code on my GitHub account); rather, this post details my approach, the roadblocks I hit, and the things I learned.

    table of contents

    This is a long post. Here are some links to its sections:

    ruthless prioritization

    Over the years, I’ve taken on more projects than I can count. And I’ve finished maybe 2 of them. So for this project, I set a well-defined goal along with a deadline.

    Private Git Server for Pentests

    I participate in bug bounties and pentests in my spare time. I save my code to a private git server that I host on AWS. This post describes the rationale and process I use for this.

    Problem

    When working with these programs, it is often part of the NDA to handle client data securely. This includes using encryption, no third-party hosting (Dropbox, Pastebin, etc.), no public disclosure, and similar reasonable requests.

    SQLi: WAF Bypass Techniques

    During a recent pentest, I encountered a WAF (CloudFlare in this case). I learned some interesting things about how to go about bypassing various filters.

    Identifying What is Blocked

    1. Find an SQL injection.
    2. Use as simple a test case as you can, such that the WAF does not block your request.
    3. Use that as the base request for sqlmap (see documentation here).
    4. Proxy all sqlmap traffic through your proxy of choice (I like Burp).
    5. Start sqlmap and look at Burp to identify which requests are getting blocked.
    6. For each blocked request, compare it to the successful requests to find out what was different. Very likely, there is a slight change that the WAF is picking up. Simplify the request to identify which strings/patterns are blocked by the WAF. I use Burp Repeater for this.

    Bypassing the WAF

    • There are lots of good examples of how to bypass various WAF protections in the sqlmap tamper directory. Read through the code there to get some ideas.
    • Other techniques include replacing single occurrences of spaces or plus signs with two of them (e.g. + replaced with ++). This makes it so things like union+all statements (blocked by some WAFs) can get through the WAF as union++all.

    MozJPEG Fuzzing

    This blog post details the steps I took to set up the AFL fuzzer to target MozJPEG. I did this using the base image that was set up in the post on fuzzing XPDF. This post is written to document how to fuzz something like an image parser.

    Install prerequisites

    These are required in addition to anything inherited from the previous blog post.

    # autoreconf is provided by the autoconf package (there is no "autoreconf" package);
    # automake is also needed for `autoreconf -i` on an automake-based tree like MozJPEG.
    sudo apt-get install nasm autoconf automake libtool
    

    Prepare MozJPEG

    cd ~/Downloads
    wget "https://github.com/mozilla/mozjpeg/releases/download/v3.1/mozjpeg-3.1-release-source.tar.gz"
    tar -xf mozjpeg-3.1-release-source.tar.gz
    cd mozjpeg
    # Running `autoreconf` is required to avoid some errors.
    autoreconf -f -i
    # Instrument MozJPEG using AFL
    CC=~/bin/afl/afl-gcc ./configure --disable-shared
    make clean all AFL_HARDEN=1
    

    Prepare ramdisk

    This code is used to set up a ramdisk, which should hopefully speed up reads and writes.

    XPDF Fuzzing

    This blog post explores my first experience with AFL (american fuzzy lop). I targeted Xpdf, a PDF viewer for Linux distributions. This post is mostly designed to document my trial and error approach to optimizing the fuzzing process of Xpdf by using various AFL tools.

    setup

    operating system

    All of this was performed on a standard Ubuntu 14.04 build. No updates were installed. This was because I wanted a more vulnerable setup, so that I could have a higher likelihood of success with AFL.

    Halo Hacking

    This blog post will demonstrate how to go about reverse engineering structures and functions of interest in a binary. Once this has been accomplished, I will show how to modify the program at runtime to alter the program flow in our favor.

    overview

    For our example, we will be using Microsoft’s Halo for the PC, build number 01.00.00.0564. Because this is a first person shooter, classic examples of functions of interest would be the ammo counter, health counter, etc. If we are able to modify the behaviour of those functions, we would be able to gain unlimited ammo, health, and more.

    CVE-2014-0301 Analysis

    This blog post will demonstrate how to trigger a vulnerability using only the public information provided by the vendor during a security patch release cycle. For this analysis, I will be using CVE-2014-0301, which was patched in MS14-013.

    casing the target

    First, I gathered as much information about the target vulnerability as possible. Simply looking at the bulletin quickly shows which files were patched. For Windows 7 (32-bit), the new file information includes qedit.dll, with a file modification date of 2013-06-03.

    DarunGrim with Symbols

    DarunGrim is a patch diffing utility written by Matt Oh. It uses IDA Pro and a few open source Python libraries to perform patch diffs. At the time of this writing, DarunGrim 3.12 Beta is the most recent release. It can be obtained from GitHub. If that link goes down, you can get it from this mirror. This page tells you which prerequisites are needed, where to get them, and how to install them. Alternatively, you can use this zip file that contains all the prerequisites in one place and save yourself from having to hunt them down (DarunGrim uses some pretty old versions of the required libraries).

    Thanks for stopping by!
