SerHack - Security Researcher

Analysis of a Redline Based Malware

Wed, 22 Mar 2023 00:00:00 +0000

In recent months, there have been increasing attempts to spread malware via some seemingly ‘harmless’ programs, luring the user through rewards such as sending money with cryptocurrency or NFT-themed gifts. The unsuspecting user by running an ‘innocent’ executable to access prizes becomes part of a botnet. -Continue to read the article on SerHack.me

Reverse Engineering the OMNIVISION OS12D40 Driver

Wed, 07 Dec 2022 00:00:00 +0000

In Part 6 of our series, we structured a theoretical discussion regarding the devices, how they communicate, and the hardware elements that enable this. -Continue to read the article on SerHack.me

Techniques for Setting up Peripherals via PIO and DMA

Wed, 30 Nov 2022 00:00:00 +0000

In Part 5 of our series, we focused our efforts on understanding how the firmware was structured. In doing so, we analyzed the folder with the system executables and delved into the various configuration files. -Continue to read the article on SerHack.me

Exploring the Operating System of Reolink RLC-810A

Wed, 23 Nov 2022 00:00:00 +0000

In Part 4 of our series, we focused on the file system and before concluding, we were able to extract files from two UBIFS images contained within the firmware. Here in Part 5, we will try to better understand the structure of the root file system by introducing some basic concepts of the operating system used by Reolink RLC-810A, namely Linux. -Continue to read the article on SerHack.me

Understanding the UBI File System in Embedded Devices

Wed, 16 Nov 2022 00:00:00 +0000

In Part 3 of our series, we explored the hardware device elements of the Reolink RLC-810A ― focusing on the NAND memory. We continue with Part 4 of our exploration into an IP camera firmware through introducing the concept of a file system. Furthermore, we will explore the technical reasons for choosing the UBI File System (UBIFS), a file system used especially for a category of mass storage, and we will unpack the UBIFS part using the ubi-extract tool. -Continue to read the article on SerHack.me

Dissecting Reolink RLC-810A Hardware: A Detailed View

Wed, 09 Nov 2022 00:00:00 +0000

Now that we know how device booting works, let’s try to extract some parts from the firmware that we downloaded in Part 1 of our series. Here, we are interested in two main sections: the Linux kernel (which takes care of booting the device services) and the flattened device tree (which allows the kernel to know the hardware configuration a priori without inspecting each device). -Continue to read the article on SerHack.me

Booting an Embedded OS: the Booting and U-Boot Phase

Wed, 02 Nov 2022 00:00:00 +0000

In the first post, we introduced embedded devices and started to scour through and extract information from Reolink IP camera firmware. At the end of the post, we ran Binwalk, which showed various types of files such as Flattened Device Tree, uImage Header, and UBI File System. -Continue to read the article on SerHack.me

Introduction to Firmware Analysis of a Reolink IP Camera

Wed, 26 Oct 2022 00:00:00 +0000

Embedded devices continue to increase in popularity and one category, in particular, that has become en vogue as of late is the Internet of Things (IoT). The emergence of these next generation technologies has driven the home automation evolution from simple light bulbs to cloud-connected printers, smart refrigerators, etc. -Continue to read the article on SerHack.me

The Story Behind the Alternative Genesis Block of Bitcoin

Thu, 06 Oct 2022 00:00:00 +0000

In this article, I attempt to explain the early source code of Bitcoin and make correlations with the source code currently in use. My intent is to help you better understand the early details regarding the history of Bitcoin and the enigmatic figure of Satoshi Nakamoto. As far as newcomers to Bitcoin or to the blockchain space are concerned, this may be a fairly complex article to understand as my target audience are average and more experienced users. Despite this, I have sought to make it as understandable as possible. -Continue to read the article on SerHack.me

Unveiling the Anonymous Author: Stylometry Techniques

Thu, 03 Mar 2022 00:00:00 +0000

One of the techniques that fascinates me most about writing is textual analysis, which includes semantics (the meaning of words) and syntax (the use of signs and letters to construct sentences). -Continue to read the article on SerHack.me

Analyzing the Mario Themed Malware

Fri, 01 Oct 2021 00:00:00 +0000

If you were a child with a Nintendo DS like myself, growing up you will undoubtedly have played (for countless hours) video games from the Mario series. Appearing for the first time in Donkey Kong, Mario is the undisputed protagonist of the video game brand of the Nintendo development house ― from sports to cars, most of the famous video games produced by Nintendo have Mario as the main character. -Continue to read the article on SerHack.me

How to Measure Execution Time of a Program

Sat, 24 Apr 2021 00:00:00 +0000

Measuring the performance of a program means keeping track of the consumption of resources used by the program. -Continue to read the article on SerHack.me

Assemble, Verify and Execute a Program

Mon, 05 Apr 2021 00:00:00 +0000

Assembly program creation The process of creating an Assembly program goes through the following steps: Writing one or more ASCII files (extension .s) containing the source program, using an ordinary text editor. Assembly of the source files, and generation of the object files (extension .o), using an assembler. Creation, of the executable file, via a linker. Verification of operation and correction of any errors, via a debugger. Assembler The Assembler transforms files containing the source program into as many object files containing machine language code. -Continue to read the article on SerHack.me

An Introduction to Cryptocurrency Wallets: Which Wallet Type Suits You Best?

Mon, 29 Mar 2021 00:00:00 +0000

As the blockchain and digital asset ecosystem continues to blossom and produce revolutionary technologies that may potentially be the driving forces of the Fourth Industrial Revolution, newcomers to the space are considering what storage options are available for assets such as cryptocurrencies and crypto tokens. -Continue to read the article on SerHack.me

Introduction to Assembly Language

Mon, 22 Mar 2021 00:00:00 +0000

In the first part of this course, we are going to introduce some rudiments of Assembly, focusing on basic programming concepts and comparing compilation to assembly. What is Assembly Language? Assembly language is a low-level programming language for a computer. A low-level programming language means that the instructions are basic and the computer can easily recognize what it is told to do. Using the assembler, assembly language can be converted to machine language, which is the lowest level language. -Continue to read the article on SerHack.me

FAQ for Assembly course

Sun, 21 Mar 2021 00:00:00 +0000

A collection of the most diverse questions I have received via email that might be helpful before tackling the course. What knowledge is required? In order to face the course with serenity and not to go crazy at the first lines of code, it is necessary to have a basic knowledge of computer architecture (the basic components) and iterative programming. The notions will be covered as the reader gets deeper into the course; otherwise Google is your friend! -Continue to read the article on SerHack.me

Chapter 1: Introduction to Hugo

Sun, 14 Mar 2021 00:00:00 +0000

In this first chapter we will begin to cover static, dynamic, and GoHugo sites. We will introduce the differences between the various technologies, and next we will explain what Hugo is. Difference between dynamic and static sites Unlike dynamic sites, static sites have less or no dependence on databases, application servers and thus provides greater security, faster loading speed and better performance for end users. Maintaining and manually updating each page of a static site is cumbersome. -Continue to read the article on SerHack.me

Intel 80x86 Architecture

Mon, 01 Mar 2021 00:00:00 +0000

Von Neumann architecture This basic model of a computer as a processing unit that receives input, communicates with a memory and produces output is known as the von Nuemann architecture named after the first computer scientist John von Neumann. In this architecture, the processor itself consists of several specialized parts: The arithmetic logic unit (ALU)-the central processing unit capable of performing mathematical and logical operations. The control unit that directs the movement of instructions in and out of the processor and sends control signals to the ALU so that it performs the correct operation at a given time. -Continue to read the article on SerHack.me

A Beginner’s Guide to Getting Started with Bitcoin

Wed, 10 Feb 2021 00:00:00 +0000

If you have heard about blockchain or cryptocurrency, then the term that initially comes to mind is Bitcoin. Launched 12 years ago, it was the late 2017 bull run that created a media frenzy that propelled Bitcoin into the mainstream and our modern day lexicon. -Continue to read the article on SerHack.me

How to Write a Technical Book

Thu, 07 Jan 2021 00:00:00 +0000

For some people, publishing a book represents a dream, or lifelong goal, whereby they share a particular experience or subject matter expertise. -Continue to read the article on SerHack.me

How to React to the Ledger Data Breach: 5 Recommendations

Mon, 21 Dec 2020 00:00:00 +0000

If you think you are amongst the users affected by the latest Ledger data breach, it is important not to panic! Follow a few simple steps and you can check the extent of the damage and keep an eye on the security of your account. -Continue to read the article on SerHack.me

Convos: A Persistent Self-Hosted Web Client for IRC

Fri, 18 Dec 2020 00:00:00 +0000

Throughout 2020, in large part due to the lockdown, many people have started to become familiar with internal communication tools. Microsoft Teams, Slack, Telegram, Mattermost, and a few others are the most widely used and recognizable of these tools, but there still seems to be some people using Internet Relay Chat (IRC) ― one of the first online messaging services. -Continue to read the article on SerHack.me

A Practical Analysis of the Ledger Phishing Email

Mon, 02 Nov 2020 00:00:00 +0000

Attempts at phishing and social engineering attacks have increased exponentially as of late, especially towards users who are active in the cryptocurrency space. Recently, there has been much discussion about a cunning attempt by phishers against Ledger and its users. -Continue to read the article on SerHack.me

Phishing: Persuading People through a Voice Synthesized by AI - Part 1

Mon, 12 Oct 2020 00:00:00 +0000

I get between 10 to 20 emails per day and, usually, more than half of them are phishing attempts. Phishing attempts are a type of email scam that typically aims to obtain personal data of the victim, including username and password for email accounts and popular services (Gmail, Hotmail, mail.ru, Twitter, Amazon, etc.), through pages forged ad hoc to simulate login sections. -Continue to read the article on SerHack.me

What is Stealth Address technology and Why Does Monero Use It?

Wed, 16 Sep 2020 00:00:00 +0000

Monero is based on the CryptoNote protocol and utilizes the most powerful cryptographic techniques in an effort to protect the privacy of the sender, recipient, and obfuscate the amount transacted. -Continue to read the article on SerHack.me

Monitoring Your Own Infrastructure Using Grafana, InfluxDB, and CollectD

Tue, 21 Jul 2020 00:00:00 +0000

For some companies, infrastructure is the heart of its business. Specifically, I am referring to those companies which need to manage data and applications located on more than one server. -Continue to read the article on SerHack.me

Credits

Fri, 24 Apr 2020 00:00:00 +0000

This page was created to celebrate all the contributors and people who helped SerHack in the last few years. There are few people that incredibely helped me into creating, developing and working on the website. Christoph Ono Christoph Ono is the designer behind my theme and my website. From fonts to colors, every single detail has been composed by him! He is a UX and digital product designer based in Munich, Germany. -Continue to read the article on SerHack.me

The Myth of Privacy and End-to-End Encryption in Zoom

Thu, 02 Apr 2020 22:00:00 +0000

Zoom is a service to host meetings without the need to install and configure complicated applications: it is one of the many solutions for those who, during quarantine, want to keep in touch with friends and relatives. -Continue to read the article on SerHack.me

Take off the Infrastructure of a Scammer: Cryptonder and Torowallet

Fri, 13 Dec 2019 00:00:00 +0000

On a rainy autumn day, I was contacted like many users by a suspicious individual on Telegram. He insisted on asking for the help of the user who had to recover his wallet which contained several bitcoins. Our ‘friend’, hencereferred as ‘Z.’, insisted that the user has to register on the platform to be able to unlock his wallet at the price of 0.3 BTC. -Continue to read the article on SerHack.me

Monero Windows and Linux CLI Compromised: The Analysis of Binaries

Wed, 20 Nov 2019 00:00:00 +0000

As mentioned in the getmonero.org blog post, the binaries of Command Line Interface (CLI) of Monero were recently compromised. -Continue to read the article on SerHack.me

Introducing the New Website: From WordPress to Gohugo

Sat, 02 Nov 2019 00:00:00 +0000

At the beginning, I started my website on 14th May of 2017 when the recent Wannacry malware has appeared. My first post, in fact, was to discuss and to analyze the malware in deeper, explaining technical concepts to people who do not know anything about Windows and SMB. -Continue to read the article on SerHack.me

Unpacking ASIC firmware: AntMiner Exploited

Sat, 18 May 2019 00:00:00 +0000

Experts say cryptocurrencies (such as Bitcoin, Monero, and Ethereum) will be the protagonists of the future decentralized and distributed economic system. If this is true then one of the most debated topics in the field of cryptocurrency, how to verify payments while spending as little as possible in terms of resources, is especially important for cryptosecurity. -Continue to read the article on SerHack.me

Privacy Policy

Sun, 21 Apr 2019 00:00:00 +0000

Questo sito non utilizza alcun script per ottenere informazioni riguardo gli utenti che visitano SerHack.me. Cloudflare potrebbe utilizzare alcune informazioni riguardo la vostra connessione e ogni visita potrebbe essere loggata dal vostro ISP. This website does not use any scripts to obtain precious informations from the users that read the articles. However, Cloudflare might use some of your informations and every connection might be logged with your ISP too. Consider using VPN or visiting TOR blog. -Continue to read the article on SerHack.me

Botnet analysis based on IRC network

Mon, 18 Feb 2019 00:00:00 +0000

With one of my many honeypots actived around the world wide web, I discovered an interesting script written with the famous Perl programming language. This Perl script is a malware used to remotely control a machine, opening what is technically called backdoor. If this malicious program runs on multiple machines, there is a possibility that the attacker may have created a botnet. -Continue to read the article on SerHack.me

MyMonero Phishing – Reversing the fake Android app

Fri, 04 Jan 2019 00:00:00 +0000

Mastering Monero first edition has been released

Fri, 21 Dec 2018 00:00:00 +0000

‘Mastering Monero: The future of private transactions’ is your guide through the world of Monero, a leading cryptocurrency with a focus on private and censorship-resistant transactions. This book contains everything you need to know to start using Monero in your business or day-to-day life, even if you’ve never understood or interacted with cryptocurrencies before. -Continue to read the article on SerHack.me

Mastering Monero

Thu, 20 Dec 2018 00:00:00 +0000

Book overview Across these eight chapters, “Mastering Monero” can take a reader from a complete crypto novice to an informed crypto citizen that knows how to protect his or her privacy. This book takes you by the hand on an exploratory adventure, showing you the world of blockchains and crypto, before taking you on a private tour of the Monero protocol and systems. Illustrations throughout the chapters make it easy for readers to understand the content visually. -Continue to read the article on SerHack.me

Ultimate Member User Profile & Membership Plugin STORED XSS

Sat, 06 Oct 2018 00:00:00 +0000

Ultimate Member is one of the many user profile & membership plugins for WordPress. The plugin makes it a breeze for users to sign-up and become members of your website. The plugin allows you to add user profiles to your site and is suitable for creating advanced online communities and membership sites. Lightweight and highly extendible, Ultimate Member will enable you to create almost any type of site where users can join and become members with absolute ease. -Continue to read the article on SerHack.me

FontStruct - Break the Font InfraSTRUCTure!

Sun, 30 Sep 2018 00:00:00 +0000

The website FontStruct allows even novice users to create their own personal font from scratch. A very simplified procedure: you sign up and you are ready to compose your font. Everything is offered through a simple interface as a free service. Not bad for a free service! -Continue to read the article on SerHack.me

MEGA Chrome Extension Hacked - Detailed Timeline of Events

Tue, 04 Sep 2018 00:00:00 +0000

On 4 September at 14:30 UTC, an unknown attacker managed to hack into MEGA’s Google Chrome web store account and upload a malicious version 3.39.4 of an extension to the web store, according to a blog post published by the company. Upon installation or auto-update, the malicious extension asked for elevated permissions to access personal information, allowing it to steal login/register credentials from ANY websites like Amazon, Github, and Google, along with online wallets such as MyEtherWallet and MyMonero, and Idex.market cryptocurrency trading platform. The trojanized Mega extension then sent all the stolen information back to an attacker’s server located at megaopac[.]host in Ukraine, which is then used by the attackers to log in to the victims’ accounts, and also extract the cryptocurrency private keys to steal users’ digital currencies. -Continue to read the article on SerHack.me

Deobfuscation and Understanding a Trojan Jscript

Wed, 06 Jun 2018 00:00:00 +0000

Over 50% of cyber attacks are executed through malware, whose job is to find a flaw to inject other types of viruses including malware, adware and much more. Knowing the computer remotely, it can spy on the screen and even crypt the files: a wrong click and you lose anything. -Continue to read the article on SerHack.me

Google Dorks: The Powerup for the Search Engine

Wed, 16 May 2018 00:00:00 +0000

It is estimated that Google has downloaded more pages than any other search engine in the field. With over billions of pages and a relatively low execution time, the popular Californian search engine is able to satisfy all research, both for educational purposes and for purely curiosity purposes. -Continue to read the article on SerHack.me

Hackers Can Take Full Control of Online Compilers through a Common Exploit

Wed, 18 Apr 2018 00:00:00 +0000

Online compilers are a handy tool to save time and resources for coders, and are freely available for a variety of programming languages. They are useful for learning a new language and developing simple programs, such as the ubiquitous “Hello World” exercise. I often use online compilers when I am out, so that I don’t have to worry about locating and downloading all of the resources myself. -Continue to read the article on SerHack.me

Introduction to MoneroV and its Inherent Risks

Tue, 06 Mar 2018 00:00:00 +0000

The “MoneroV” coin is an impending unofficial fork of the Monero blockchain with many “red flag” characteristics that have alarmed the Monero community. Many users are wondering: could the MoneroV fork be a scam project? This article discusses risks for individuals claiming MoneroV, and describes how MoneroV opens an attack vector on the overall privacy of the Monero network itself. -Continue to read the article on SerHack.me

How to Crash the iPhone with a Single Telugu Character

Tue, 20 Feb 2018 00:00:00 +0000

In recent years, Apple has been heavily criticized for the security implications of their market centralization and policy of irreversible operating system updates. Mobile device users are strongly pressured to install packaged iOS upgrades that cannot be rolled back. While this practice greatly increases security for most users, there is an inherent danger to this centralization. -Continue to read the article on SerHack.me

How I broke Envato Search Engine

Thu, 05 Oct 2017 00:00:00 +0000

Envato devs had not developed a strong filter in order to avoid any XSS Attack, and I noticed that I could perform a XSS Injection. I have contacted Envato and, after some investigations, they have discovered that my vulnerabilities were critical! They thanked me and patched the vulnerabilities within 5 business days. Good job Envato!! -Continue to read the article on SerHack.me

Developing a Keylogger: Hardware vs. Software Techniques

Fri, 26 May 2017 00:00:00 +0000

To celebrate 400+ visits to my blog after just 10 days (not bad, come on), I managed in my spare time to write another, very interesting article on another popular category of malware: keyloggers. -Continue to read the article on SerHack.me

Technical Analysis of WannaCry Ransomware

Wed, 17 May 2017 00:00:00 +0000

By now, on the net, on TV and around the world, there is nothing but talk about WannaCrypt: ransomware, or malware that can encrypt all the files on one’s computer and demand a ransom for unlocking them. -Continue to read the article on SerHack.me

Hello world! I'm SerHack

Mon, 15 May 2017 00:00:00 +0000

Hello world, I am SerHack, I am a developer, a security researcher and writer, I mostly write about software backend and a security researcher. I am from Italy where the security of citizens data is not seen as a priority. When I started looking to the world of development, I was like 12 years old. -Continue to read the article on SerHack.me

About Me

Sun, 14 May 2017 00:00:00 +0000

Despite his nickname, SerHack is not an hacker. SerHack (SeərHæck) is a security researcher, developer, and writer. He started his career with development of payment gateways for a popular cryptocurrency. Since then he has reported several bugs and security issues, many of them CVE. He is widely known for reporting the MEGA incident and conducts different malware analyses. Additionally, SerHack contributes to the Monero project – a cryptocurrency focused on privacy. -Continue to read the article on SerHack.me

Donate to SerHack

Sun, 14 May 2017 00:00:00 +0000

This page is for people who like my work and would like to boost my projects. At the moment, I’m writing the second edition of “Mastering Monero” and a new resource named “Breaking Cryptocurrencies”. I have several ideas in my mind that needs funding, so please don’t hesitate to contact me for more information. Thanks to your support, I’ve been able to realize this blog and the books I’ve mentioned earlier. -Continue to read the article on SerHack.me