Book Updates and Blog Posts..

Given that I’ve spent more time in my flat (hello, COVID-19) I also spent more time looking at my book shelf.. and wasn’t too happy with it: in hindsight, some of the books I’ve read are way too pretentious and the books I remember as life-changing were mostly read on my kindle anyways. Speaking of Kindles, my first kindle (must have been bought around 2008 in the United States) was stored between the books.. with a quite bulging lithium ion battery.. good thing I did that cleanup. ...

December 8, 2020 · 3 min · 612 words · Andreas Happe

Running OWASP Juice Shop with Root-the-Box on Google Cloud Platform

So I am back at teaching web application security. This time I wanted to set up a CTF challenge for my students. To not reinvent the wheel, or rather, to stand on the shoulders of giants I am reusing the OWASP Juice Shop vulnerable web app in its CTF mode. Normally I would teach at a (physical) lab which would make the setup easy: all students are situated in the same physical room, I can set up the game server on my laptop and distribute virtual machines containing the vulnerable web app over the local network. Well, that thing called COVID-19 happened so this is not an option right now. ...

December 2, 2020 · 7 min · 1464 words · Andreas Happe

Create a new Ubuntu 20.10 Desktop without too much Ubuntiness.

After I’ve bought a new and fast 1TB SSD, it’s time to set up my aging Desktop again. Last time I went with Fedora Core, this time I will try to reduce some of the ubuntu-iness of an Ubuntu 20.10 Desktop for that. After preliminary tests Ubuntu seems to be more resource efficient than Fedora Silverblue and I should be able to remove most of Ubuntu’s problematic packages. Given that my Notebook still runs Fedora Core, I’m also keeping in touch with both the Ubuntu/Debian as well as with the Redhat/Fedora world through that. ...

October 13, 2020 · 5 min · 986 words · Andreas Happe

Building a simple VPN with WireGuard with a Raspberry Pi as Server

Now that WireGuard will be part of the upcoming Linux 5.6 Kernel it’s time to see how to best integrate it with my Raspberry Pi based LTE-Router/Access Point Setup. What is my scenario?

- Raspberry Pi 3 with an LTE hat, using a public IP address. This will be the VPN server (called edgewalker in this post)
- An Android Phone that should use the VPN for all communication when connected
- A Linux Laptop that should use the VPN only when accessing network services that are exposed to the VPN

Each device connected to the VPN should be able to connect to all other devices, e.g., my phone should be able to connect to a webserver running on the laptop as long as both are part of the VPN network. If setup is easy enough I’m actually thinking about adding my (Ethernet-connected) Desktop to the VPN too. ...

January 29, 2020 · 5 min · 1001 words · Andreas Happe

2019 redux, what to expect in 2020

2019 was a year in which I expanded my comfort zone and forced myself to face some fears. I haven’t always been victorious, there’s enough to face next year. I see progress and hope; I do not feel trapped in my situation but rather see a comfy base from which I can explore further. I shed some possessions, mostly donated them or gave them away to friends. This calms my mind tremendously. There’s a song by “Down like Silver” that contains the fitting lines: “everything I own, owns me now”. ...

January 1, 2020 · 3 min · 606 words · Andreas Happe

Closing down my company

After 15 or so years I’m finally closing down my own company (it was a small one-person vehicle, in Austrian Einzelpersonenunternehmen or EPU). How so? I’ve been self-employed since I’ve started to study at university. Mostly I did software engineering for various research projects at AIT. There was a short side-project (a failed startup that I created with friends of mine), after that more web development with other friends of mine. Slowly some changes happened, I’ve got down towards security/penetration-testing six or seven years ago. Five years ago I got a part-time employment at the research center, mostly for two EU research projects. My work time got more and more split between pen-testing and research stuff. ...

December 20, 2019 · 2 min · 391 words · Andreas Happe

Adding advertisement-filtering and spotify support to a Linux-based Access Point/Router

The last weeks I’ve tried to improve upon my Raspberry Pi based LTE-Router/Access Point. Normally I would heave tons of software on it, try it out and let it simmer on. I did that this time too: the ELK-Stack (too little memory) and HomeAssistant (too little SmartHome-devices in my flat) only had a short intermezzo on this hardware. What stuck? Before that a small note: originally I was using an IKEA USB charger; its spec should be sufficient but I kept getting “Undervoltage detected” error messages in dmesg/syslog. I switched it out for my Xiaomi Phone’s USB charger: the warnings disappeared. ...

December 8, 2019 · 2 min · 410 words · Andreas Happe

Building a secure torrent download station by combining Private Internet Access (PIA), OpenVPN and transmission through docker

Sometimes I want to work on client assignments (penetration-tests) from home; if I do that I am using my company VPN so that all traffic is routed through their public IP address (which is white-listed by the client). I do not want for traffic to ever leave that VPN as that would look as if I’d be performing cyber attacks from my private home IP address. The same requirements arise for different use-cases, e.g., when downloading bittorrent files or forcing traffic through the tor network if whistle-blowing. ...

August 5, 2019 · 4 min · 714 words · Andreas Happe

How to create a (good-looking) PDF and Kindle eBook from LaTeX

So I held a lecture on “Web Application Security” for the FH/Technikum Wien last spring and wrote a small booklet for my students (partially because I wanted to avoid discussions during the final exam). I did volunteer for an anonymous feedback round which turned out very positive for me, the booklet was repeatedly mentioned positively. So I distilled and refined it, tried to improve its focus. As I will do the same lecture next year, I am in dire need of feedback so that I can improve it, so I went to dark places and published it on reddit. I was surprised by the kindness of strangers, also got some suggestions from them. I offer the book for free under a creative commons license on my website, but also created a kindle version of the book. If you’re into web security and have read the book, I’d be very happy if you leave a (hopefully positive) review of the book on Amazon. This blog post describes how I’ve created both the PDF-Version as well as the Kindle-Version of the book. ...

July 29, 2019 · 3 min · 611 words · Andreas Happe

LTE uplink for Raspberry Pi: Huawei E3372 vs Waveshare SIM7600E-H

I spent some time playing around with various LTE-options for my Raspberry Pi Access Point/Router setup. My Huawei E3372 USB LTE modem works fine but only implements a fake network card. This means that a virtual network card is emulated, all traffic is NATted over a virtual router located behind that virtual network card. This happens in addition to the network translation (NAT) that my Raspberry Pi access point already does. Also, I think that my Raspberry with the external USB LTE modem looks a bit unprofessional: ...

July 5, 2019 · 3 min · 468 words · Andreas Happe