Category Archives: Security

A week in Singapore – DevOps Days and PowerShell Conference Asia

Last week was a very busy for us over in Singapore, together with the PowerShell Conference Asia team we organized a 3-day conference in Singapore. In the same week the DevOps Days Singapore team hosted their conference and I was a speaker at this event as well.

This year marked the third year of being a part of PSConfAsia, the first two years I was a speaker there, this year I joined the PSConfAsia team and helped organize the event. We were all very pleased with the quality of content that the speakers have provided us with as well as with the attendance of the PowerShell Team. We have seen both speakers and attendees fly from far and beyond to join us and the conference and we can proudly say we made it worth their time.

DevOps Days Singapore

At DevOps Days I presented an ignite talk, a five minute speech on a single topic. Now 5 minutes for a talk is already a challenging, but the second condition was that the slides should automatically advance to the next every 15 seconds. While I have been giving short talks for a while, the challenge of timing a talk to match up with the slides.

The code has been shared on GitHub in my Events repository:
Automation – How I came to see the light

A video of the whole day of DevOps Days is also available, here is the link to the start of my Ignite session:

PowerShell Conference Asia

The PowerShell Conference Asia resumes for its 3rd year this October, bringing speakers from Asia and around the world to deliver in-depth PowerShell and DevOps sessions. Speakers include the Microsoft PowerShell Product Team from headquarters in Redmond and a strong line-up of MVPs, well-known international speakers, and community contributors.

At PSConfAsia I spoke on Automation and how to secure your environment. This is a story of how I used some low-level techniques to investigate, re mediate and patch vulnerabilities of a mixed infrastructure environment.

The code has been shared on GitHub in my Events repository:
Secure your environment by automation

I also shared the slides I used and my other presentations on SlideShare:

Share

Decipher obfuscated URLs with PowerShell

I recently received a message on Skype from a friend I had not talked to for a while, I was happy to see it was spam. Not because it was spam, but because it was using an encoded Url. After taking a quick look at the structure I thought, this is definitely something I can decode.

To me this looked like hexadecimal code, and I quickly threw together a PowerShell one-liners to decode to decode this, note that I skip the first six character because:

1
2
3
-join [char[]](
'%6A%61%61%70%62%72%61%73%73%65%72%2E%63%6F%6D' -split '%' |
Where-Object {$_} | ForEach-Object {[Convert]::ToInt32($_,16)})

This provides us with the following output:

jaapbrasser.com

Because this is a little bit hard to read, let’s break it up into chunks:

1
2
3
4
5
$Split      = '%6A%61%61%70%62%72%61%73%73%65%72%2E%63%6F%6D' -split '%'
$Split      = $Split | Where-Object {$_}
$Integers   = $Split | ForEach-Object {[Convert]::ToInt32($_,16)})
$Characters = [char[]]$Integers
-join $Characters

So let’s go line-by-line through what the code does:

  1. Split the code on the %-character
  2. Skip the first entry, because we split on %, the first result will be empty and can cause errors later
  3. Convert the hexadecimal number to integers using the Convert type accelerator
  4. Convert the integers to Char by strong typing them to a Char array
  5. Use the join operator to turn it into a string

So now that we have this complete, we no longer have to guess where the encoded link is going to lead us. In my case, the link of my friend happened to take me a Russian website trying to get me involved in binary option trading:

For more information about percent encoding as a concept, have a look at the Wikipedia page over here:

Wikipedia – Percent-Encoding

I have created a function for to be able to perform this this conversion in the future, I made it available on GitHub, TechNet Gallery and the PowerShell Gallery:

Share

Secure your servers in time with JIT and JEA at Experts Live Summer Night event

Earlier this month I spoke at Experts Live Summer Night, an Security focused event for IT Professionals. I covered JIT, Privileged Access Management and JEA, Just Enough Administration. Here is an excerpt of the presentation:

Just Enough Administration, also known as JEA, has been around for several years and has received a lot of updates and new features. How can we use this to secure our servers and reduce the attack surface that we expose to potential malicious actors. During this session Jaap will demo how to configure and deploy JEA templates, configure JIT administration.

All the code and slides are as always available in my Events GitHub repository:

Furthermore I have also uploaded my presentations to SlideShare:

Share