<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
  <channel>
    <title>ciko</title>
    <link>/</link>
    <description>Recent content on ciko</description>
    <generator>Hugo -- gohugo.io</generator>
    <language>en-us</language>
    <lastBuildDate>Mon, 15 Jan 2024 17:00:00 +0200</lastBuildDate><atom:link href="https://rt.http3.lol/index.php?q=aHR0cHM6Ly9jaWtvLmlvL2luZGV4LnhtbA" rel="self" type="application/rss+xml" />
    <item>
      <title>Adding a DSLR lens to my smartphone</title>
      <link>/posts/nexus5x_lens_mount/</link>
      <pubDate>Mon, 15 Jan 2024 17:00:00 +0200</pubDate>
      
      <guid>/posts/nexus5x_lens_mount/</guid>
      <description>Prequel In a blog post in 2020 I had experimented with adding full-blown DSLR lenses to a Raspberry PI camera. Although the pictures were pretty impressive, the whole setup was not very portable. I always needed to carry around the Raspberry, the lens and mount, as well as a laptop to take pictures. And as Chase Jarvis once said: The best camera is the one that&amp;rsquo;s with you. So I sought after a more portable solution and had the idea of mounting the lens to a smartphone camera instead.</description>
    </item>
    
    <item>
      <title>Find domainsquatting with domains.ciko.io</title>
      <link>/posts/domains/</link>
      <pubDate>Tue, 31 Oct 2023 12:00:00 +0200</pubDate>
      
      <guid>/posts/domains/</guid>
      <description>Background In 2022 I published a scan-engine for domainsquatting called monodon. Monodon works well, but requires the end-user to download the entire project and execute Python scripts locally. Running monodon in corporate environments can also trigger cyber-security products and teams. To combat this problem I always wanted to create a web-version of the scanner that is easy to use, also for beginners.
Today I am launching this web-based domainsquatting scanner on domains.</description>
    </item>
    
    <item>
      <title>Analysing my photo statistics</title>
      <link>/posts/camera_analysis/</link>
      <pubDate>Tue, 03 Oct 2023 12:00:00 +0200</pubDate>
      
      <guid>/posts/camera_analysis/</guid>
      <description>Just recently, I switched my old smartphone for a new one. I used a Redmi 9 Pro for over three years now. Over time, I took more than 5000 photos with the smartphone&amp;rsquo;s 3 cameras: The primary 64MP shooter, the front, and the ultra-wide camera.
Out of curiosity, I have written a script to analyze my photo behaviour over the last three years, and these are the results.
Camera usage The diagram shows the relation of used cameras, in slices of one month.</description>
    </item>
    
    <item>
      <title>Building eGPUs before it was cool</title>
      <link>/posts/egpu/</link>
      <pubDate>Sat, 19 Aug 2023 12:00:00 +0200</pubDate>
      
      <guid>/posts/egpu/</guid>
      <description>Back in 2013 I had moved out of my parents for the first time and went to university. The past years I had always been gaming at friends&amp;rsquo; places, while my at-home gaming setup became deprecated. Suddenly, I was out of gaming options and on the search for something on-the-budget. Instead of buying a second PC to my new notebook, I decided to try something a little more exotic: An external GPU.</description>
    </item>
    
    <item>
      <title>Fixing weird OpenVPN issues</title>
      <link>/posts/openvpn_issues/</link>
      <pubDate>Wed, 10 May 2023 13:00:00 +0200</pubDate>
      
      <guid>/posts/openvpn_issues/</guid>
      <description>After upgrading my system to Fedora 38 I had some weird issues with a previously working OpenVPN connection. Since I found no documentation on these problems, I hope this post may help somebody out there.
No access to TLS-Auth certificate My connection uses TLS-Auth. Although all certificates were correct, network manager could not open the connection. Checking the logs, I saw the network manager failed to open the certificate file. The permissions of the file were correct (chmod 600).</description>
    </item>
    
    <item>
      <title>Streaming Meta Quest games without additional software</title>
      <link>/posts/quest_streaming/</link>
      <pubDate>Sat, 06 May 2023 18:00:00 +0200</pubDate>
      
      <guid>/posts/quest_streaming/</guid>
      <description>The Meta Quest 2 is a neat and cheap VR headset. VR games and experiences are most fun with other people watching. For local viewers, Meta Quest can stream the viewed content to a Chromecast or PC. The only option to experience a game with remote viewers is to stream it to Facebook Live.
I implemented a solution that allows streaming Meta Quest games to any videoconferencing platform, like Microsoft Teams, Zoom, or even Twitch and Youtube.</description>
    </item>
    
    <item>
      <title>Visiting floor plans in VR</title>
      <link>/posts/vr_floor_plan/</link>
      <pubDate>Sat, 06 May 2023 13:00:00 +0200</pubDate>
      
      <guid>/posts/vr_floor_plan/</guid>
      <description>The 2007 short film World Builder by Bruce Branit was my first contact with the concept of virtual reality and the possibilities it offers. The film shows a man building a cityscape from scratch in a virtual environment, only using his hands as sculpting tools. I was part of the Blender community back then and the visual quality and tools were really impressive.
For an upcoming move I recently wanted to visualize floor plans of a flat that is not yet built.</description>
    </item>
    
    <item>
      <title>Buyers guide for HDMI camera grabbers</title>
      <link>/posts/usb_hdmi_3/</link>
      <pubDate>Sat, 04 Mar 2023 15:00:00 +0200</pubDate>
      
      <guid>/posts/usb_hdmi_3/</guid>
      <description>Over the last couple of years I have experimented with HDMI video grabbers from different price points. Starting with a very cheap grabber in 2020, the topic had me captured for quite some time now. If you are looking for an option to record video signals from a camera via HDMI, you find my experiences and recommendations below.
I do not have hands on experience with all listed devices. If I got something wrong, please ping me on Twitter or write me an email.</description>
    </item>
    
    <item>
      <title>Affordable cameras with clean HDMI</title>
      <link>/posts/cameras/</link>
      <pubDate>Thu, 12 Jan 2023 17:00:00 +0200</pubDate>
      
      <guid>/posts/cameras/</guid>
      <description>Last update: Mar 03, 2023
Webcams have become a more important part of work life since the rise of home office in the pandemic. Although good audio is far more important, proper video contributes to a good impression when speaking to clients or in public events.
This article summarizes my current state of knowledge regarding suitable camera models to be used as a high-quality, yet affordable webcam. The listed prices are current (Jan 22) used prices on German Ebay, Ebay Kleinanzeigen and MPB.</description>
    </item>
    
    <item>
      <title>Finding lost items with RFID</title>
      <link>/posts/rfid/</link>
      <pubDate>Thu, 13 Oct 2022 13:00:00 +0200</pubDate>
      
      <guid>/posts/rfid/</guid>
      <description>Quite recently my wife lost her vaccination passport somewhere in our flat and we could not find it. A year ago, I searched 3 hours for my laptop, only to find that my robot vacuum had hidden it under the bed while it was cleaning. Searching for these things stresses me out, even if I know they must be somewhere in the flat.
Since lost items are a common issue, there must be a technical solution.</description>
    </item>
    
    <item>
      <title>Monodon domain abuse scanner</title>
      <link>/posts/monodon/</link>
      <pubDate>Tue, 15 Feb 2022 13:00:00 +0200</pubDate>
      
      <guid>/posts/monodon/</guid>
      <description>Triggered by some colleagues I was researching domain abuse and domainsquatting scanners. These scanners crawl for domains that are similar to a given name and could be used for phishing and similar attacks. An example of such a domain targeting my blog &amp;lsquo;ciko.io&amp;rsquo; could be &amp;lsquo;ClKO.io&amp;rsquo; (replacing the I with an l), &amp;lsquo;wwwciko.io&amp;rsquo; (mistype), or &amp;lsquo;ciko-blog.io&amp;rsquo;.
I was under the impression that such scanners are widely available. The most prominent ones are dnstwist and urlcrazy.</description>
    </item>
    
    <item>
      <title>Renault Twizy: One year review</title>
      <link>/posts/twizy/</link>
      <pubDate>Sun, 21 Nov 2021 13:00:00 +0200</pubDate>
      
      <guid>/posts/twizy/</guid>
      <description>In November 2020, I decided to buy some sort of electric car. The COVID-19 pandemic seemed to get into a never-ending story (which held true) and my girlfriend needed a dry way to reach her outdoor sporting activity throughout the winter. Since we are living in the urban area of Berlin, parking area is sparse. We were also searching for something cheap in terms of price and reoccurring cost. During the past 5 years we got along with public transport really well.</description>
    </item>
    
    <item>
      <title>Optimizing another cheap USB HDMI grabber</title>
      <link>/posts/cheap_usb_hdmi_2/</link>
      <pubDate>Wed, 05 Aug 2020 13:00:00 +0200</pubDate>
      
      <guid>/posts/cheap_usb_hdmi_2/</guid>
      <description>This is a continuation of my first attempt of optimizing a cheap HDMI grabber.
After my fiery failure with the first cheap USB grabber, I decided to give it another shot. This time I selected a more promising looking capture card with a metal casing. A friend of mine owns the same card, so I knew it uses the same chipset but another board design.
My goal was still to optimize the output colors.</description>
    </item>
    
    <item>
      <title>TelePi: Coupling a SLR zoom lens with a RPi camera</title>
      <link>/posts/raspi_cam_dslr_lens/</link>
      <pubDate>Mon, 20 Jul 2020 13:00:00 +0200</pubDate>
      
      <guid>/posts/raspi_cam_dslr_lens/</guid>
      <description>In one of my spare parts boxes, I still had two Minolta A-mount SLR lenses lying around. The lenses (a 28-80mm f3.5-5.6 AF ZOOM and a 75-300mm f4.5-5.6 AF ZOOM) are about 25 years old but still work with modern Sony cameras. Since I only own a Nikon, I thought of some other use for these lenses. I found a Raspberry Camera Module v1 with a 5 Megapixel OmniVision OV5647 sensor in the same box.</description>
    </item>
    
    <item>
      <title>Optimizing a no-name USB HDMI grabber</title>
      <link>/posts/cheap_usb_hdmi/</link>
      <pubDate>Wed, 24 Jun 2020 13:00:00 +0200</pubDate>
      
      <guid>/posts/cheap_usb_hdmi/</guid>
      <description>HDMI capture cards have always been quite expensive. Cards from renowned providers like Blackmagic cost around 150€. Cards from AliExpress and similar sellers still had some caveat. They either limited the capture to 720p or 30Hz or used some internal analog conversion, which killed the image quality. These problems seem to have vanished over the last few years, and the cards available on AliExpress and eBay now promise 1080p capture with 60fps and high image quality - so I gave it a try.</description>
    </item>
    
    <item>
      <title>My cheap homeoffice videoconferencing setup</title>
      <link>/posts/homeoffice/</link>
      <pubDate>Fri, 05 Jun 2020 13:00:00 +0200</pubDate>
      
      <guid>/posts/homeoffice/</guid>
      <description>During the COVID-19 outbreak, my employer thankfully decided to order 100% home office for my colleagues and me. While many things went very well, some still annoy me: 10 weeks into the crisis, many of the people I talk to still lack a proper videoconferencing setup. This lack is annoying, especially in larger conference calls. So I thought it would make sense to document my rather cheap videoconferencing setup here.</description>
    </item>
    
    <item>
      <title>Building a bargain telepresence robot</title>
      <link>/posts/telepresence/</link>
      <pubDate>Mon, 02 Mar 2020 13:00:00 +0200</pubDate>
      
      <guid>/posts/telepresence/</guid>
      <description>We do have a remote colleague at work that is usually present via a permanent video chat. The video is running on a notebook sitting on a table in our office. This approach works pretty well while we are in the room, but has pretty obvious limitations when the colleague wants to move somewhere. To gift him some more abilities, I decided to build a cheapskate telepresence robot. Commercial robots come in around 1000€ (without the videoconferencing hardware) and lack the DIY charm.</description>
    </item>
    
    <item>
      <title>Replacing the GPD MicroPCs battery</title>
      <link>/posts/gpd_battery/</link>
      <pubDate>Sun, 26 Jan 2020 13:00:00 +0200</pubDate>
      
      <guid>/posts/gpd_battery/</guid>
      <description>In June 2019, GPD shipped the GPD MicroPC that I backed in February 2020. It took a bit to arrive to me in Germany, and I got the package delivered in late July. Overall, I was pretty happy with the device. It had a few issues with a lagging cursor and the strange display that GPD turned to - a sideways mounted smartphone display instead of a proper eDP screen. Thanks to the great work of the Linux community, a working Ubuntu Mate version was ready at release date.</description>
    </item>
    
    <item>
      <title>A list of current UMPCs with physical keyboard</title>
      <link>/posts/umpc/</link>
      <pubDate>Wed, 20 Nov 2019 13:00:00 +0200</pubDate>
      
      <guid>/posts/umpc/</guid>
      <description>UMPCs are ultra-small form factor PCs. With the rise of smartphones since 2008, the class of fully featured UMPCs has declined. However, there are still some UMPCs in production, either with x86 or ARM processors. This list focuses on currently produced UMPCs with &amp;lt;8&amp;quot; displays and a physical keyboard.
Join the Discussion on irc.freenode.net / ##umpc
Last Update: 2019-11-20
GPD  Pocket 2 Released 2018 (Update 2019), 7&amp;quot; Display, Intel Core m3-8100Y (Update Intel Celeron 3965Y), Windows 10, 4-8GB RAM, 128GB Storage, microSD, USB-A and USB-C ~600€ Win 2 Released 2018, 6&amp;quot; Display, Intel Core m3-7y30, Windows 10, 8GB RAM, 128GB M2 Storage, microSD, micro HDMI, USB-A and USB-C 700$ Micro PC Released 2019, 6&amp;quot; Display, Intel Celeron N4100, Windows 10, 8GB RAM, 128GB M2 Storage, microSD, HDMI, USB-A and USB-C, Serial $350  Planet Computers  Gemini PDA Released 2018, 6&amp;quot; FHD+ Display, 10 Core ARM, Android + Linux Dual Boot, 4GB RAM, 64GB Storage, microSD, USB-C, 4G available, various keyboard layouts £500-£600 Cosmo Communicator Crowdfunding 2019, 6&amp;quot; FHD+ Display + 2&amp;quot; Outer Display, 8 Core ARM, Android + Linux Dual Boot, 6GB RAM, 128GB Storage, microSD, USB-C, 4G (with phone support) $569  Topjoy  Falcon Crowdfunding 2019, 8&amp;quot; FHD+ Display, Intel Pentium Silver N5000, Windows, 8GB RAM, 128/256GB Storage, USB-A and USB-C, Pen Support $400-$500  Graalphone  Graalphone Never released, presented on CES 2017, 7&amp;quot; Display, 4,7&amp;quot; Slide-In Smartphone, Intel Atom, Windows, 4GB RAM, 256GB Storage, microSD, HDMI Hands On 740€ estimated Indian price  Popcorn Computer  PocketPC Crowdfunding 2019, 4.</description>
    </item>
    
    <item>
      <title>Pydle - the superior IRC library </title>
      <link>/posts/pydle/</link>
      <pubDate>Fri, 15 Mar 2019 12:45:50 +0200</pubDate>
      
      <guid>/posts/pydle/</guid>
      <description>For my pr3s3nce bot at the AfRA channel I needed a Python IRC library that does not suck. The usual suspects like irc3 are outdated and relatively hard to program. After a while I stumbled across pydle, which I currently regard as the superior IRC library.
Pydle uses Python&amp;rsquo;s async and await features, which makes programming the asynchronous message functions rather easy. To make the code run on Python 3.5, I had to replace async and await keywords with @asyncio.</description>
    </item>
    
    <item>
      <title>Building an electronic hackerspace door lock</title>
      <link>/posts/afra_doorlock/</link>
      <pubDate>Sat, 02 Mar 2019 13:46:37 +0200</pubDate>
      
      <guid>/posts/afra_doorlock/</guid>
      <description>Early 2018 I decided that my hackerspace AfRA needed an electronic door lock. Until then, we used physical keys with all their constraints. Physical keys are hard to revoke (if somebody loses their key, you have to switch the lock and re-distribute keys), expensive (issuing costs) and hard to manage. Most hackerspaces I know of already have electronic door locks.
You can find the current project documentation (in German) on the AfRA Wiki.</description>
    </item>
    
    <item>
      <title>Use nh to quicksearch your bash history</title>
      <link>/posts/nh/</link>
      <pubDate>Sun, 27 Jan 2019 12:45:50 +0200</pubDate>
      
      <guid>/posts/nh/</guid>
      <description>I recently published a tool on GitHub that lets you filter your bash history in a more convenient way: nh (NiceHistory). All installation instructions can be found in the repository. By using nh you can quickly reexecute commands from the bash history file without overstressing the bash-internal CTRL+R feature.
Each typed word is searched for individually per history line. Using a simple editor, commands can also be changed before they are executed.</description>
    </item>
    
    <item>
      <title>XSS injection through user agent strings</title>
      <link>/posts/user_agent_xss/</link>
      <pubDate>Wed, 24 Oct 2018 17:20:48 +0200</pubDate>
      
      <guid>/posts/user_agent_xss/</guid>
      <description>Every modern web browser transmits a user agent string to visited websites. The user agent exposes information about the used device, OS and browser. Several security solutions like web proxies, but also other products like firewalls, display the user agent string of &amp;ldquo;protected users&amp;rdquo; in their web interface. Besides that, an administrator&amp;rsquo;s user agent is sometimes present in the audit log. In my experience, the string itself is often not properly escaped, which opens a gap to inject an XSS.</description>
    </item>
    
    <item>
      <title>Testing online virus-scanners and file shares for XSS</title>
      <link>/posts/testing_fileshares_for_xss/</link>
      <pubDate>Tue, 05 Jun 2018 14:23:06 +0200</pubDate>
      
      <guid>/posts/testing_fileshares_for_xss/</guid>
      <description>Last Update: 2018-07-06
Filesharing services are a convenient way to get a file from A to B without much hassle. The rise of Dropbox, WebRTC, and other technologies doesn&amp;rsquo;t seem to have impaired the market for free file sharing, and there are still tons of ad-financed services around. Most of them don&amp;rsquo;t look very sophisticated. Therefore I decided to test whether they are vulnerable to one of the most basic attacks: XSS.</description>
    </item>
    
    <item>
      <title>Quicky: Simple overriding DNS proxy with dnslib</title>
      <link>/posts/simple_dns_server/</link>
      <pubDate>Tue, 05 Jun 2018 14:18:43 +0200</pubDate>
      
      <guid>/posts/simple_dns_server/</guid>
      <description>With the python3 module dnslib a quick and dirty overriding DNS proxy can be realized. Such a proxy is useful to redirect traffic targeted to one domain to another - for example to an mitmproxy instance in reverse proxy mode. To set up the proxy, install dnslib, preferably in a virtualenv.
python3 -m venv dns_venv
source dns_venv/bin/activate
pip3 install dnslib
To start overriding a domain, start dnslib&amp;rsquo;s intercept module and specify a record to override:</description>
    </item>
    
    <item>
      <title>Intercepting Android app traffic</title>
      <link>/posts/intercepting_android_traffic/</link>
      <pubDate>Sat, 05 May 2018 13:46:37 +0200</pubDate>
      
      <guid>/posts/intercepting_android_traffic/</guid>
      <description>During my day job, I had some recent experiences with applications that leverage certificate pinning to secure client-to-server communication. This made looking at application generated traffic nasty and I want to let you profit from my experiences. In this article, I try to provide some guidance on the workflow of intercepting Android application traffic.
Setup and Proxy To start inspecting Android application traffic I usually leverage an mitmproxy server. Mitmproxy is ncurses based, which makes it great for server installations and has a solid script interface to tailor its functionality.</description>
    </item>
    
    <item>
      <title>New tool - Online apksigner</title>
      <link>/posts/online_apksigner/</link>
      <pubDate>Sat, 05 May 2018 13:38:48 +0200</pubDate>
      
      <guid>/posts/online_apksigner/</guid>
      <description>I have been hacking on some Android applications recently, which involved decompiling and recompiling their source. Android requires application packages (apks) to be signed or installation will fail. The signature does not have to come from a universally trusted Root-CA, self-signed certificates are sufficient. Google offers the apksigner tool to easily sign Android application packages, and its functionality is also included in Android Studio. However, I tend to work on various machines that oftentimes do not have a JDK installed - mandatory to run apksigner.</description>
    </item>
    
    <item>
      <title>Introducing x33.li</title>
      <link>/posts/introducing_x33_li/</link>
      <pubDate>Sat, 05 May 2018 12:45:50 +0200</pubDate>
      
      <guid>/posts/introducing_x33_li/</guid>
      <description>Recently, I came in contact with a tool that was vulnerable to an XSS via Wi-Fi SSIDs. SSIDs are limited to 32 bytes, which is very short for a proper XSS vector. The classical &amp;lt;img src=# onerror=alert()&amp;gt; is already 27 chars long, so there is not much space for any message or payload. The shortest domain I owned was 11 characters long, so &amp;lt;script src=//XXXXXXX.XXX&amp;gt;&amp;lt;/script&amp;gt; would have been too long for the vector.</description>
    </item>
    
    <item>
      <title>About ciko</title>
      <link>/about/</link>
      <pubDate>Mon, 01 Jan 2018 14:46:00 +0200</pubDate>
      
      <guid>/about/</guid>
      <description>I am a Hacker and IT-Security guy from Berlin. Private IRC Find me on hackint as ciko.
eloop I organize the eloop hacker conference.
Github Find my Github profile and projects on: https://github.com/c1ko
Email Write to me on contact [ at ] ciko dot io
Twitter Find my Twitter as @cyberanlage
In the space Meet me at AFRA Berlin and sometimes at shackspace
Professional Find me on LinkedIn and Xing.</description>
    </item>
    
  </channel>
</rss>
