April 2013
TOR+Privoxy minimal setup for DGN2200v3/MIPS architecture
In a previous article I talked about how to customize the Linux based WLAN+ADSL Netgear DGN2200v3 router and prepared various binary packages ready for the device. In this short article I’m offering a small full setup that can be run on this router (and many other compatible ones and in general on any MIPS+uClinux hardware setup) to be able to use easily the TOR network to browser anonymously. In this way all the users behind the router can easily achieve anonymous surfing.
Anonymizer Anonymous Surfing Dgn2200v3 Embedded Linux Linux Desktop Linux Embedded Mips Security Teaching Material The Onion Ring TOR Transparent Proxy
5 minutes
Command line PHP deobfuscation
Recently a customer asked me to debug some problems on their Joomla!/PHP site that had interoperability issues after some long time for unknown reasons. The site was using some commercial plugins which producer was long time gone and unreachable and worst of all they were all obfuscated. So even searching for some basic string that was displayed on the screen on error to understand what’s going on was not a straight forward exercise and going through the code was a mess. Apart from changing the code in a logical way, for example by adding intermediate variables or splitting variable assignations into more operations and so on, the first most annoying part of PHP obfuscators is that they modify most of the characters in the strings values with their respective hexadecimal (format \xXX) or octal (\XXX) values and eliminate any line feeds or code structure. Once you get rid of this the code stays quite very messy but is, at least in the cases I analyzed, quite readable and just needs a little more bookkeeping with automatically named vars to go through. Getting rid at least of this confusing representation is quite straightforward on the command line with a few tricks.
Command Line Deobfuscation Linux Desktop Php Reverse Engineering Security Teaching Material
4 minutes