noraj (Alexandre ZANNI) - Cybersecurity engineer & Pentester

How to find out the Linux distribution name and version

There is the old method cat /etc/*-release to match distribution release file. For example on openSUSE this will match with /etc/SuSE-release. This method is deprecated and will be removed in the futu

c99.php : A backdoored backdoor

C99 is a PHP webshell. Attackers uploads it on web server in order to get information and above all execute commands with web user privileges (ex: www-data). This webshell is protected by a customizab

Tracking down Tor users with mouse movements

Jose Carlos Norte, security researcher, wrote a post detailing how Tor Browser users can be uniquely fingerprinted using the mouse wheel, mouse speed, a CPU benchmark, and “getClientRects”. POCs (proo

How to convert VirtualBox vdi to KVM qcow2

VBoxManage can't directly convert vdi to qcow2, so there is two options : With VBoxManage convert vdi to raw and with qemu-img convert raw to qcow2 With qemu-img convert vdi to qcow2 Notes : vdi are

How to disable SSH login for the root user

Create a new user. In the following example, we will name it bob. root# useradd -m bob root# id bob uid=1000(bob) gid=1000(bob) groupes=1000(bob) Set the password for the new user. root# passwd bo

FreeBSD 10.3 is here

FreeBSD update to version 10.3. Main improvments: 15 security flaws patched UEFI support Gnome 3.16.2 Full Release Notes on official FreeBSD website.

OpenBSD 5.9 is here

OpenBSD update to version 5.9. Main improvments: Pledge - a new mitigation mechanism process in restricted mode security improved 70% of user components converted WiFi 802.11n multithread network

Examine the codes sent by the keyboard

A usefull command if are want to read keyboard input : showkey. Very useful to know keycodes when programming. What is showkey ?# showkey - examine the codes sent by the keyboard How does it work ?# s

Newsoo: a French Usenet access provider has been closed

The man known as Optix, the owner of Newsoo, was taken into custody by the DIPJ the 2016/03/22. Newsoo was a French Usenet provider, the service was delivering 2 GB of pirated data per second. Sacem p