>man emoji_url

I got an interesting spam SMS today that drove me to do a little research. The link included a 🍑 emoji. I have heard about emojis being used in a link, but have never really looked into it or seen it in practice before. I often take phishing URLs and visit the sites in a safe environment to see what they are. Check out browserling.com for a quick online Windows or Android VM. I couldn’t immediately test the URL because I had to figure out how to type it into the address bar. I found a few articles on Wikipedia that led me to RFC 3492, “Punycode: A Bootstring encoding of Unicode for Internationalized Domain Names in Applications (IDNA)”.

Punycode allows for a unique and reversible encoding of non-ASCII characters in ASCII that complies with RFC 952. Punycode is also used for other Unicode language characters besides emojis. The Bootstring algorithm takes any string of mixed-type characters, called the extended string, and represents it as a sequence of “basic code points” called the basic string. Basic code points in the string are initially segregated from non-basic code points by copying them all at once into a string that will be at the beginning of the future basic string. The string “Hi-😊-down-for-🚓-later?” is transformed to “Hi--down-for--later?-” followed by the basic code point representations of the two emojis.

In my suspicious URL the section in question was “co🍑162”, which translates to “xn--co162-8p93d” in Punycode. Other strings in the URL delimited by dot characters are not included in the encoding. See the example below from punycoder.com.

Firefox also showed the ASCII conversion in the address bar when pasted in.

It is an interesting method that helps a malicious actor or spammer make their link look more enticing and a little less sketchy. I found a few resources during this process. emojipedia.org allows you to search for and copy and paste an emoji. punycoder.com allows you to translate between Punycode and text. Here is a list of all the Unicode emojis.
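The per-label conversion described above can be checked offline when triaging a suspicious link. This is an added example, not code from the original post: it uses Python's built-in `punycode` codec, the function names are hypothetical, and the host is constructed from the label quoted in the post plus a placeholder `.example` TLD, since the post does not give the full URL.

```python
import unicodedata
from urllib.parse import urlsplit

ACE_PREFIX = "xn--"  # prefix that marks a Punycode-encoded host label

# Constructed sample: the label quoted in the post plus a placeholder TLD.
SAMPLE_URL = "http://xn--co162-8p93d.example/offer"


def decode_label(label):
    """Return the Unicode form of one dot-delimited host label."""
    if not label.lower().startswith(ACE_PREFIX):
        return label
    try:
        return label[len(ACE_PREFIX):].encode("ascii").decode("punycode")
    except UnicodeError:
        return label  # malformed Punycode: report the label unchanged


def encode_label(label):
    """Return the ASCII form of one label; xn-- is added only when needed."""
    if label.isascii():
        return label
    return ACE_PREFIX + label.encode("punycode").decode("ascii")


def inspect_host(url):
    """Decode each host label separately and list its non-ASCII code points."""
    host = urlsplit(url).hostname or ""
    report = []
    for label in host.split("."):
        text = decode_label(label)
        found = [(f"U+{ord(c):04X}", unicodedata.name(c, "UNKNOWN"),
                  unicodedata.category(c)) for c in text if ord(c) > 127]
        report.append({"ascii": encode_label(text), "unicode": text,
                       "non_ascii": found})
    return report


def has_symbol_label(url):
    """True when a host label contains a symbol (category S*), e.g. an emoji."""
    return any(cat.startswith("S") for row in inspect_host(url)
               for _, _, cat in row["non_ascii"])


if __name__ == "__main__":
    for row in inspect_host(SAMPLE_URL):
        print(row)
    print("symbol in host:", has_symbol_label(SAMPLE_URL))
```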

>touch home_lab

This post will be the first in a series where I discuss building a home lab to study offensive and defensive cybersecurity. Building a home lab has been the best decision I have made to help improve my technical skills. I have learned how to build and break Linux machines, become comfortable using the command line interface, and watched packets fly back and forth across my network.

When people begin researching a home lab, they may find sites like Reddit’s r/homelab. Some of the more impressive setups use enterprise servers and networking gear that could support a medium-sized office. A lab of that nature would undoubtedly be awesome to own and operate. However, all you need is a computer with some unused compute cycles as a beginner. For anyone reading this on a low-end laptop with no resources to get a better rig, there are a ton of free online resources as well. I will do another post on those resources soon. For now, check out the tools_resources page for some ideas.

The two primary types of home lab I will focus on are computer-based and networking-based. There are many other types of labs designed to support various other interests. Radio labs and hardware labs are common as well.

Computer labs support many objectives, such as testing new code or websites. They can be used as sandboxes to study malware. They can act as actual home servers to provide services such as email, media streaming, git repositories, data storage, or a myriad of other services. I currently run a few home services, but the primary focus of my home lab posts will be for offensive and defensive cybersecurity.

hello_world.blog

I put this site together to chronicle my cybersecurity studies and provide resources for others who are also studying cybersecurity. I do not currently work in cybersecurity. I am an Emergency Manager who has always loved computers. I am nearing retirement from this position and am looking toward a possible career change. To study in my spare time, I have built a home lab to learn new technologies to expand my technical skill. This blog will include smaller posts on some of the basics of cybersecurity, tests of various software, hardware, and techniques, and longer posts on some of my larger projects.

I am currently working on a long-form writing project, “Cybersecurity for Emergency Managers.” This project will provide an entry-level perspective on cybersecurity in the language of Emergency Managers. Emergency Management planning must consider the cybersecurity threats and potential impacts. Unfortunately, these threats can be challenging for those without technical training to understand. This project will align cybersecurity and emergency management planning frameworks with limited technical language. I will post some of this content here and use some content I post here in that project.

If you have suggestions for topics or recommendations for improvements, please reach out to me through email or social media.