About me

Paolo Iannelli Picture

Paolo Iannelli

Sr. Software Engineer / Software Architect at LeaseWeb

Location
Amsterdam Area, Netherlands
Industry
Information Technology and Services
Interests
Python, Big Data, Scalability, High Availability, Performance
Description
Senior Software Engineer and Architect with more than 8 years experience.
Strong in critical thinking, problem solving and high performance architectures.
Paolo Iannelli Labs Rss

Change status of Whatsapp via command line

Posted on : 13-01-2012 | By : Paolo Iannelli | In : Bugs, Security, System Administration

Tags: , , , ,

0

It is couple of days that whatsappstatus.net released a small app to update your status, proving the lack of security in the action.

RVDM claims in his post a way to do it via .NET and via CURL.

Since I am a command line lover, I recommend you to take a read of such post and, for very lazy people, this is the *nix command you have to issue to accomplish the task (thanks @bluesky_nl) :

Cheers!

Working to Disk Nukem

Posted on : 04-01-2012 | By : Paolo Iannelli | In : C, Security, Software Development, System Administration

Tags: , , , ,

0

Hello folks,

shortly, I’m currently working on Disk Nukem, a data destroy utility based on DBAN.

Disk Nukem will be able to perform same operations as DBAN as well as reporting data via a web API and to web-based GUI interface, an updated kernel for device’s compatibility and others enhancements.

If you want to check it out, take a look at : http://github.com/piannelli !

If you like it, join the development!

 

Cheers :)

Most annoying Windows 7 bug : trick your friends!

Posted on : 23-03-2011 | By : Paolo Iannelli | In : Security, System Administration

Tags: , , , , , , , ,

0

It is now at least two years that I discovered this bug, but still Microsoft probably didn’t even identify it.

I tried it with Windows 7 Enterprise Edition and Ultimate edition, but other versions might be affected as well.

The bug is pretty annoying when you have people around and you lock the workstation.

In fact, anyone can enable the High Contrast for accessibility on your machine, even without unlocking your workstation !

The result is that when you log back in, apparently everything is normal, but your color scheme suddenly get switched to High Contrast.

Imagine how this can piss you off if you don’t know it!

There is only one requirement : the machine must be locked (so the user should have been logged already in and locked the workstation after)

How do I do that ?

It is pretty easy.

When your victim’s machine is locked, go to Accessibility options in the bottom right and enable the High Contrast feature, then press OK.
Now click on Switch User : you will be redirected back to the user selection screen (Windows may ask to press CTRL+ALT+DEL for it) with normal contrast settings.
Proceed clicking on the user that was logged in and leave the screen with the password field as it is.

When the victim will type his password, he will resume his session, but with a “WTF?!?“, because his color scheme will be switched on High Contrast !

 

I don’t assume any responsibility if any of your colleagues or friends will kick you for doing this !

Have fun and I hope Microsoft will now fix this bug in one of their software updates !

P.S. : if you get any video of your friends getting crazy with it, place a link to the video in a comment =)

SSH Port Knocking on Ubuntu

Posted on : 09-03-2011 | By : Paolo Iannelli | In : Security, System Administration

Tags: , ,

2

My friend Ronny Roethof posted on his blog an interesting article about SSH Port Knocking. Before linking you to his article, I would like to briefly talk about this technology.

What is Port Knocking?

How many of you did ever open a door without even asking for who is behind it, recognizing the door knocking sequence of your friends?
Probably everyone of you.
Port Knocking in a Linux System works exactly the same.
In the setup Ronny discuss about SSH Port Knocking and how to secure SSH access from unauthorized people, simply leaving the default port 22 for SSH closed and opening it only after a sequence of TCP/IP packets on specific ports.

Cool! How do I do that ?

Supposing that before opening the port 22 we want to send a sequence of 1 syn packet to port 1234 and 1 syn packet to port 4321 (the entire sequence is fully customizable), we can follow Ronny’s instructions on his blog post and having it done in couple of minutes.