Skip to main content

Posts

2024

Down the AtlasCode rabbit hole - debugging Atlassian VS Code extension
·6763 words·32 mins
vscode jira atlassian npm javascript reverse-engineering

Everyone knows Jira, an Atlassian product where you work with tickets (issues). They have a handy extension to VS Code that (among other things, including Bitbucket support) lets you view tickets inside code editor and have a preview of them, when you hover issue ID in code. However, for quite some time that official extension does not work with managed Jira instances in random places, especially with ticket previews. Stubborn as always, I went on a quest to identify what’s going on and found a plethora of issues in multiple projects; however, the culprits are typical ones - lazy changelog keeping, improper testing, chained bugs and reliance on Open-Source community.

Setting Up strongSwan for L2TP/IPsec VPN server to use with Synology DSM
·1420 words·7 mins
linux vpn synology dsm strongswan ipsec network

Most modern operating systems, for mobile devices and for workstations, offer VPN clients which support proper IPsec IKEv2 MSCHAPv2. However, there are still some stubborn vendors that in 2024, still offer only L2TP behind IPsec (or PPP if we are unlucky) plus OpenVPN. As stated in many places like Gentoo Wiki IPsec/L2TP is considered a legacy VPN protocol. OpenVPN is not suited for any form of refined connectivity other than simple client-server, plus it’s not supported out-of-the-box in modern OSes.

In this article, I’ll describe how to add this legacy option for use with Synology DSM in strongSwan, that simultaneously hosts IPsec IKEv2 MSCHAPv2 VPN.

2023

Flipper Zero interface board - part 1
·764 words·4 mins
quick flipper-zero hardware i2c

Today I used prototype boards I purchased with my Flipper Zero pre-order for the first time. I think I didn’t use them before (and I have Flipper for over 6 months) because the single purpose for them that was repeated over and over again was to expand a device with Wi-Fi or general-purpose 2.4GHz radio, which never appealed to me. However, recently, I found a category of FlipperOS applications that’s quite obvious - I2C interfaces, for example for light or temperature sensors. This quickly rendered my previous attempts at creating such a self-contained portable I2C client from scratch obsolete and demanded the soldering iron to be turned on.

macOS Application Firewall and Canonical Multipass debugging
·2192 words·11 mins
debugging networking macOS firewall multipass

Canonical’s Multipass is a wonderful tool for bootstrapping Ubuntu VMs on any platform, including macOS on Apple Silicon (M1/arm64). It works well, as everything, until networking breaks. The issue, debugging, and resolution story from this long afternoon reveals few tricks about both Multipass and Application Firewall on macOS, so I’ll describe it in detail.

This tale is yet another confirmation of the fact that majority of macOS problems are coming from corporate security tools - I didn’t have such issues even at Hackintosh era. It all started on a corporate MacBook when I had the bunch of Multipass-created VMs that suddenly stopped working - they were starting up, QEMU process was running, but Multipass couldn’t check their status (it uses SSH for that). Moreover, creation of new ones was also breaking in the worst moment - QEMU process started and Multipass waited for cloud-init loaded from virtual CD-ROM to get networking and SSH. And then it just timed out.

2022

Debugging tale of HTTP/1.0 healthcheck
·1705 words·9 mins
debugging http proxy load ballancer networking netcat

Time for a short tale about an interesting debugging challenge I had recently. Programming issue itself was not the hardest or most involving of all time, probably not even of this year for me, but the mixture of circumstances and debugging techniques used makes it worth telling.

Obviously, many details will be skipped, but I can mention some common components used. But keep in mind that’s a real-world scenario, so the initial environment could definitely be better.

Hello, PHP-free world
·514 words·3 mins
All my websites ( skowron.ski, skowronski.pro and skowronski.tech that replaces blog.dsinf.net) are PHP-free. They are based on Hugo and hosted on S3 with only dynamic content being plausible.io rewrite done by CloudFlare worker scripts.
blog.dsinf.net
blog.dsinf.net

2021

Hacking into TP-Link Archer C6 – shell access without physical disassembly
·2383 words·12 mins
hacking linux linux embedded lua mips router security squashfs ssh

This story begins with simple need - ability to programmatically obtain all devices connected to my Wi-Fi router - TP-Link Archer C6. None of the existing libraries support this version of Web UI. The issue with the simplest solution (just flashing OpenWRT) - I rely on proprietary OneMesh technology, which enables better home mesh-networking. So, some hacking needed to be done.