Large telecoms in Bulgaria are also ISPs and there is a common practice to give out “free” Wi-Fi routers to customers. Last time I wrote about the Smartcom Ralink router and its insecure default Wi-Fi passwords. This time I will look into the TP-Link EX220 router which is being deployed by A1. My main motivation for this research was their ridiculous policy of forcing customers to use this router and not allowing them to use their own.| Posts on random hacks
SoftHSMv2 is a software implementation of the PCKS#11 interface. It is often used as replacement for real HSM devices in test environments where protecting key material is not a strong requirement. In this post I will explain how the state of SoftHSMv2 is persisted, the security behind it and what can be improved. Tokens and objects Token is the PKCS#11 term for something that stores cryptographic objects and performs cryptographic operations.| Posts on random hacks
There is a nice open-source project howmanypeoplearearound that counts the number of people around by sniffing WiFi probe requests sent from mobile phones. Well, now we have another method to do the same by exploiting the contact tracing functionality which is being added to iOS and Android. Cell phones are using Bluetooth Low Energy to transmit ephemeral IDs to nearby devices in order to discover encounters with other people. These IDs and the Bluetooth MAC changes every 15-20 minutes to pre...| Posts on random hacks
29 Jan 2017, 13:27| xakcop.com
19 Jan 2019, 10:49| xakcop.com
The story behind CVE-2025-22936| xakcop.com
19 Jan 2025, 13:31| xakcop.com
18 Apr 2022, 15:26| xakcop.com
Project Shanocast| xakcop.com
12 Aug 2022, 10:00| xakcop.com
Standard-class Gen5 navigation| xakcop.com
24 Jun 2021, 16:47| xakcop.com
This is a PoC for something I call “virtual usb drive”. The drive is created on Linux using the| xakcop.com
27 Sep 2016, 11:19| xakcop.com
07 Mar 2019, 16:33| xakcop.com
05 Nov 2019, 17:12| xakcop.com
30 Nov 2019, 11:04| xakcop.com
12 Dec 2019, 10:13| xakcop.com
23 Mar 2020, 12:22| xakcop.com