Welcome to my personal space on the Web

Last updated: May 13, 2014 at 06:15 UTC Created: 1 year, 9 months ago

IMAGE: "Come, step over the threshold; welcome to my humble home."

Hola, amigo. You are on my personal homepage on teh interweb. This website is several things, but in short, it is a personal homepage; so expect to find many of the things you would find on other personal homepages. It serves as an outlet for me to express ideas and attempt to communicate with others. Such ideas may be expressed either to inform, inspire debate, or merely to intrigue. The contents vary from thoughts of an African programmer to just about anything. It is not always straight and engrossing. It is not always about programming or even computers and their usage. However, there is constantly enough variation to keep it going.

I do not write on any particular schedule or definite range of topics. I look at this site as a log of my experiences, observations, and reflections. The articles on this site have gone through some form of evolution since I started writing and I only see future ones being better. I don't claim to know everything nor do I see myself as a teacher, mentor, or a counselor to my readers—who are often smarter than I am; I write to learn. For this reason, read every article with a pinch of salt, because whatever I write is only as I had known it at the time and therefore does not necessarily reflect my current thoughts (which change more often than I'd like to admit).


My goal is not to present the most "artistic" page layout or to show off my strange sense of web design. This site is meant to be a flexible structure for conveying content. My favorite sites—the ones that draw me back and make me think—are those that are easy to navigate, work without JavaScript, and are full of content. So for this site, I have decided to worry less about presentation, and concern myself more with what I am writing. I write all of the articles on this site but I may host articles from other people I know in the future. The best way to browse these articles is via the writings page, where they are categorized into their year of publication.

This whole site runs on a single PHP script with SQLite as the back-end DBMS. The overall architectural design is flat—all pages are simply posts including the homepage. I reinvented the wheel because all of the blogging and/or publishing scripts out there were too bulky for my simple needs. The posts are written in a special markup language which outputs highly optimized and cacheable HTML, and even binary data like images! The site does not have any client-side dependencies like JavaScript and cookies while the server-side code is flexible and easily extensible (which is a good thing). You may want to lurk around to see what pops up.

The opinions expressed on this website are entirely my own. They do not represent the strategy, plans, or thoughts of my employer, family, friends, religion, or even that of my beautiful future wife. You may post whatever comment you like; I won't edit the contents or attribution of any of them. However, I reserve the right to delete any comment I reason to be spam, off-topic, or of absolutely no value. As I write about what I want, when I want, however I want, there is a reasonably good chance that at some point what I'll write may upset, offend or annoy you. The longer you read the contents on this site, the more likely this becomes.

Latest writings

EC103: Jobs.com.gh's multiple vulnerabilities

Tue., 13th May, 2014 at 06:15 UTC

Jobs.com.gh is a Ghanaian job portal launched in 2013 by Ringier Ghana, a subsidiary of the Swiss multinational media enterprise Ringier AG. The website lists job vacancies on a daily basis and claims to be "Ghana's number 1 jobs portal." In this third case study of the Exploit Chronicles campaign, we are putting Jobs.com.gh on the radar. One distinguishing feature of this case study, however, is the absence of an SQL injection vulnerability. For the first time, we are exploiting a logical flaw in the design, implementation, and functioning of an application.

EC102: Backdooring Bank of Ghana's website

Fri., 21st March, 2014 at 20:55 UTC

The Bank of Ghana (BoG) is the central bank of Ghana. It was formally established on 4th March, 1957, two days before the declaration of Ghana's independence. In 2012, one Romanian gray-hat hacker compromised the systems of several African banks, most of them Ghanaian, including those of SG-SSB, UT Bank, and Fidelity Bank. But it seems not every bank learned a lesson from those incidents. So in this case study of Exploit Chronicles, we are exploiting an SQL injection vulnerability in BoG's website to install a backdoor onto the web server.

EC101: Trilion IT Services in the spotlight

Thu., 13th February, 2014 at 14:33 UTC

Trilion IT Services is a small website development and web hosting reseller company based in Ghana, situated at Community 12 in Tema. The company develops and maintains a content management system called Trilion CMS. The software has been installed for at least a dozen of its clients to manage their websites, spanning from simple company websites to complex web directories. In this case study of Exploit Chronicles, we are looking at how to exploit an SQL injection vulnerability in this web software to gain administrative privileges.


Copyright © 2014 Michael Kwayisi.