€100 Bug Bounty from Intigriti - please stop tracking your confirmation emails!

by @edent | # # # # # | 1 comment | Read ~401 times.
Weird confrimation address.

There's a new bug bounty provider in town! The Belgian company Intigriti. This is a quick write-up of how I found a trivial bug in their own system. The EU has announced that it is providing funding for bug bounties on critical open source projects. They've split the programme between HackerOne and Intigriti. I signed… Continue reading →

Major sites running unauthenticated JavaScript on their payment pages

by @edent | # # # # # # | 9 comments | Read ~27,603 times.
HTML code from Spotify.

A few months ago, British Airways' customers had their credit card details stolen. How was this possible? The best guess goes something like this: BA had 3rd party JS on its payment page <script src="https://example.com/whatever.js"></script> The 3rd party's site was hacked, and the JS was changed. BA's customers ran the script, which then harvested their… Continue reading →

Redirect GitHub ID to Username

by @edent | # # # # # | Read ~328 times.
A screen of JSON code showing my details.

Scratching my own itch here... GitHub users have a username (mine is @edent) and have a user ID number (mine is #837136). If you want to redirect a user ID to a username, you can use the little service I've cobbled together: https://edent.github.io/github_id/#837136 That will take your browser to my GitHub page, using nothing but… Continue reading →

Telnet control of Toshiba Smart TVs

by @edent | # # # | Read ~1,488 times.
Trinity from the movie The Matrix, she's a bad ass hacker!

Here's how to control the Toshiba 49U6863 - and other similar models - using Telnet. Quickstart At the command prompt, type telnet 192.168.0.123 4660 then type 1012 and your TV will turn on. MAGIC! Background After six years of use, I decided to upgrade my old 37 inch Panasonic TV. I know Toshiba aren't the… Continue reading →

Reflections on #EMFcamp - a Science-Fact Convention

by @edent | # # # # | Read ~236 times.
Terence and Liz in front of Lasers at emfcamp.

At a science-fiction convention, you queue for hours to hear a bit-part actor describe what it was like on the set of a forgotten sci-fi show. At a science-fact convention, you have a beer with a person who is literally changing the world with a laser cutter, some diodes, and a smattering of Python. Welcome… Continue reading →

Enabling Voice-Over-WiFi on the OnePlus 5T and Three UK

by @edent | # # # | 30 comments | Read ~11,435 times.
VoWifi Logo on the top of the Android display.

My mobile provider - Three UK - offers WiFi calling, but only if you have a phone purchased directly from them. For everyone else, they have a crappy app which hasn't been updated in two years. So, let's break out of their artificial restrictions and get some WiFi calling on the OnePlus 5T! Step-by-step Open… Continue reading →

Advertising Screens Hacked To Mine BitCoin

by @edent | # # # # | 1 comment | Read ~16,792 times.
The display shows a windows desktop with a variety of icons. There is a window open

Spotted in London, yesterday. A large, Microsoft Windows-powered advertising hoarding has been hijacked. It's not uncommon to see broken-down Windows displays - I run https://windowsisbroken.tumblr.com/ - which is dedicated to pointing and laughing at such mistakes. But this is the first time I've seen a display repurposed for profit! It appears to be running NiceHash… Continue reading →

Solar Battery and Alexa - in 30 lines of code

by @edent | # # # # # # # | Read ~127 times.
A list of phrases used to activate the device

Amazon Alexa is a fun little bit of kit. But it can be tricky getting it to work with all your smart devices. Not every company has an Alexa skill - just like not every company has an app. Using Flask-Ask it is possible to bring Alexa smarts to a range of previously mute devices.… Continue reading →

Creating a generic, open source, check-in app

by @edent | # # | 1 comment | Read ~199 times.

Many years ago, when Foursquare was still cool, I built an app to let people check into chocolate bars. You know, "@edent is eating a Wonka Bar classic. 4/5?" It was a quick and dirty hackday project. Ever since, I've had the hankering to build something a bit more generic. I currently use Untappd to… Continue reading →

An "on this day" plugin for WordPress

by @edent | # # # # # | Read ~163 times.

Just me scratching my own itch. I want to create an RSS feed of all the blog posts which I'd published on this day in the past. For example, if today is 21st of November 2016 then this plugin will show blog posts written on 2015-11-21 2014-11-21 2013-11-21 And so on. You can view a… Continue reading →