Mickaël Walter - Blog

Mickaël Walter

Sign in

Linux on Surface RT - (nearly) full featured OS

Linux on Surface RT - (nearly) full featured OS

A lot of progress has been made by the Open Surface RT team since my last post on this subject. It's time for an update.

Linux on Surface RT - Make the Kernel boot

Linux on Surface RT - Make the Kernel boot

Until now, nearly no one got to boot Linux on the Surface RT. But recent changes could mark the end of it.

Reverse engineering LuaJIT

Reverse engineering LuaJIT

Sometimes, a Lua file is not just a script but can be a bytecode compiled just-in-time. This makes an interesting platform to explore the bytecode world

Scraping WordPress REST API in interactive mode

Scraping WordPress REST API in interactive mode

I updated wp-json-scraper to add an interactive mode.

Extend your LAN with WireGuard

Extend your LAN with WireGuard

I configured a WireGuard VPN server to handle remote access to my network aswell as a LAN-to-LAN bridge to remote servers

Improving my home network

Improving my home network

The hardware provided by my ISP was not sufficient anymore, so I installed some Ubiquiti hardware. Here are my thoughs and mistakes

New look&feel

I migrated from WordPress to Ghost to publish my content. I ran into some difficulties but finally it's there!

A one glance status light with ESP8266 and Home Assistant

A one glance status light with ESP8266 and Home Assistant

This one glance status light allows to get a quick insight of important metrics retrieved from an MQTT server over WiFi

Use OpenWRT as a MITM router

Use OpenWRT as a MITM router

To make network analysis easier, it can be interesting to setup a MITM router. Using a Raspberry Pi and OpenWRT, this can be made at a low cost

GamePi Zero

I love retrogaming and hardware projects. To gather the best of 2 worlds, I decided to create my own console.

IDOR with MongoDB: understanding ObjectID

IDOR with MongoDB: understanding ObjectID

Given their complex appearance, some would think that exploiting IDOR based on MongoDB's ObjectID would be difficult. This is not the case as the ObjectID is not random

Dumping a SLC NAND Flash with Atmel PMECC

Dumping a SLC NAND Flash with Atmel PMECC

Dumping a NAND flash memory can be tricky. Especially with proprietary ECC. Here we dump an SLC NAND flash with PMECC correction.

Discovery of WordPress websites using wp-json

Discovery of WordPress websites using wp-json

WordPress exposes a new REST API since version 4.7. This API can be exploited to retrieve potential confidential information.

Account enumeration on web applications

Account enumeration on web applications

Why a generic message to prevent user enumeration is an acceptable user experience degradation to improve security