Ok, I pimped my terminal with oh-my-zsh and Powerlevel10k. Then I realized that my Visual Studio Code for macOS runs my code in the terminal, but with ugly box characters there? It seems that the font is not loaded properly for terminal in Visual Studio Code for macOS. So, I changed the font via User… Read More »
This is the third part of dissecting the obfuscated NodeJS code. Just in case you missed1. Part 1, you can read it here: https://tintinnya.com/2024/09/suspicious-code-repository-for-job-seeker-part-1/ and 2. Part 2 here: https://tintinnya.com/2024/10/suspicious-code-repository-for-job-seeker-part-2/ Function P(), ot(), rt() are called if the victim is using ‘linux’ platform. Section 3.1.2 function P()Let’s see what is this function do At glance,… Read More »
This is the second part of dissecting the obfuscated NodeJS code. Just in case you missed the Part 1, you can read it here: https://tintinnya.com/2024/09/suspicious-code-repository-for-job-seeker-part-1/ From the first dropper discussed in the Part 1, I found another obfuscated NodeJS file named test.js which was downloaded from the IP address and port number hiding in the… Read More »
I was told by my circles in WhatsApp Group that there was an X.com user almost become a victim of malicious code from a suspicious code repository. This post will discuss on what I did to uncover the details of the malicious obfuscated code inside the code repository. The post actually began with the story… Read More »
In 2020, I did some reading and writing Python code to read NSICCS (National Standard for Indonesia Chip Card Specification) using USB SmartCard Reader Gemalto PC Twin Reader. This was possible using pyscard v1.9.9 with Python 2.7. I just realized that the library was installed on my old MacBook Pro Retina 2012 and has not… Read More »
I was doing a certain task that required me to rename the whole files in the folder with an extension of JPG. Initially, as a person who loves to do tasks using CLI (command line interface), this is an easy task. Find the pattern of the files, that is only three digits of number, then… Read More »
I am working with awscli and gcloud a lot. Sometimes I need to know whether I’m currently working on my lecturing account, or my work account. I’m thinking of a good indicator on which profile account and region I’m working right now. And oh-my-zsh already have that, since I installed it last year ?. This post only discuss on how to prepare the oh-my-zsh to have indicator with AWS Profile.
It takes 14 minutes to read this blog.Updated May 2nd, 2021: adding some clarity on several parts. It’s been a long time since I played my last CTF. Most of the CTFs I played were on the weekend and it was only 24 hours. But this CTF is special because it runs internally. Kinda fun,… Read More »
You might be accidentally updating your apt source list and type apt update. But you might not realize that upgrading your installed module will cause one of your favorite tools not working: netdiscover. In my case above, I’m running Kali Linux 2020.3, with netdiscover version 0.5.1 and libpcap0.8 version 1.10.0-2. I encountered this problem earlier… Read More »
When I’m on my MacBook Pro, I use command line a lot. Either for casual task, or work related task. Sometimes, I need to access website to detect things while I’m doing my task in Terminal.app. Using curl or wget is inevitable. But some websites are reluctant to show me the proper result, due to… Read More »
