Analyzing JavaScript Malware

About half of a year ago, my girlfriend got e-mail from post office saying that the the package was ready to pickup, with a quick note saying that more information is available in the attachment. I was asked to look at it, as she found it suspicious - mail was written very poorly - definitely not what official mail would sound like. Firstly I took a look at the domain, from where this mail was sent, and as I excepted, it was not connected to domains of our post service. But what I really wanted to know was, what's the goal of the attachment?

Web Application Security

Today we're going to start with Web Security - in particular I want to discuss security headers - small steps to keep your web application more secure. Without wasting your time, let's move to the content.

Problem 37 - Truncatable Primes

Today I'm gonna try and solve another challenge from Project Euler - site with various programming tasks heavily connected with mathematics. If you're learning any new programming language and don't have any ideas for new programs - just head over to this site, complete as many challenges as you can and you'll definitely improve your skills. Just take a look at this task:

Wireless Security

Hi everyone! Today we're gonna prepare a little bit before the next episode - in which we'll try to hack WPA and WPA Wi-Fi networks. But in order to do that we have to gain better understanding how it works, it's weaknesses (if any) and stronger sides that we shouldn't even try atttacking. Let's jump in to the world of theory!

Wireless Security

Wired Equivalent Privacy (WEP) was introduced in 1999 as a part of 802.11 standard. It's puprose was to assure the privacy of the wireless network in a way near to wired networks. It's using RC4 cipher (with different key size: 64 and 128 bits) and CRC-32 checksum to mantain integrity. In addition WEP is using a short, 24 bit initialization vector (IV), which is added to the key provided by user, creating 'unique' for each packet RC4 key. But because the IV is so short, and it's used with the same key, WEP is now considered outdated, easy to crack and insecure.