Tunnelling data over SSH with Putty

An SSH tunnel is used to route unencrypted traffic through an encrypted SSH channel. Its comes in handy for routing traffic over untrusted or hostile networks as the data is encrypted to maintain privacy and prevent eavesdropping. It is also very handy in for bypassing firewall restrictions on networks where the usage of certain services [...]

By |December 16th, 2013|Security, Uncategorized|0 Comments

Debugging Web Applications With Fiddler On Linux

Fiddler is by far one of the most popular web debugging proxies available. It allows you to capture, examine, save, edit and replay all HTTP / HTTPS  requests made by a web based application. For many years it was available only on Windows systems. But recently the creator of Fiddler, Eric Lawrence has released a version of Fiddler that runs using the mono runtime allowing it to run successfully on MacOS and Linux platforms. In this post I am going to run through the basic setup and usage of fiddler under Linux (I am using Linux Mint 15 the process should not vary too for other Debian based variants though). First up visit the fiddler site and download the alpha mono version of the application. After downloading unzip the package and copy the mono version of fiddler to the directory where you would like it to live on your system (I am simply using a folder named Software in my home directory). […]

By |August 28th, 2013|Linux, web development|2 Comments

Anonymizing CURL Scripts With TOR & Polipo

Last week I received a typical run of the mill phishing email littered with the usual bad Engrish making the instructions far from believable but being bored I decided to take a look at the link they were pushing. They had created a believable enough looking Paypal form asking clueless punters to enter their credit card details in order to avoid having their account being suspended. After playing around with the form for awhile in Firebug I decided to create a quick script to poison their data by submitting a new fake 16 digit VISA number along with random card holder name, CVV number and expiry date every couple of seconds. After running this script for half an hour I decided that the script while it did the job would be a lot better if the posted data was coming from an anonymous IP address. Here I will run you through the process of setting up TOR & Polipo on a machine to add an element of anonymity to the data being sent and received by your CURL based script using. […]

By |August 10th, 2011|Linux, PHP|0 Comments