A post about shellcode

Jun 10, 2018

0 comments

So you may ask yourself, like I did what is shellcode? And the deeper you dig the more questions you will ask yourself, well that's how it went with me. I am not a shellcode guru but I would like to share my knowlegde, when I write / teach about something, I understand (I think) it better. This is not a giant introduction explaining everything, it's more about a journey of digging in to shellcode. To answer the first question, shellcode is nothing more then a bunch of binary code like this:

\xf7\xe6\x52\x48\xbb\x2f\x62\x69\x6e\x2f\x2f\x73\x68\x53\x48\x8d\x3c\x24\xb0\x3b\x0f\x05

But what is shellcode really? And what the hell does the above code do?! I'll answer the second question direclty, it spawns a shell on a Linux 64-bit system. Now we get a hint, so shellcode is operating system and CPU architecture bound? Yup that's right, shellcode is operating system and CPU architecture specific. Now what is the code above? the code is binary, represented here as hexadecimal numbers. I didn't get it at first, at first I was like: "this is hex I just parse this with a hex parser" but these are bytes and it could be that they don't have an ASCII representation. But what is shellcode now really? shellcode is binary data that can be read direclty by a CPU. In fact it's 0 and 1, and a CPU, when you feed it this data, can read it and execute whatever it says. I don't believe you, show me the code!

Ok here it is:

#include <stdio.h>

char *code = "\xf7\xe6\x52\x48\xbb\x2f\x62\x69\x6e\x2f\x2f\x73\x68\x53\x48\x8d\x3c\x24\xb0\x3b\x0f\x05";

int main () {

    int (*ret)() = (int(*)()) code;
    ret();

    return 0;

}

Compile it with gcc and run it:

$ gcc shell.c -o shell
$ ./shell

You will need to execute it on a 64-bit Linux system. If executed you will see it spawned /bin/sh.

So how this line int (...); really works I don't know a 100%. I do know is that it will take a pointer the character array "code" put it in memory and I want to say execute here, but it does not execute the shellcode, it does set up registers so something points to the address of the shellcode which was put into memory. Can you exlain it even vaguer? Sorry maybe next post explanation :). But now we go deeper in the shellcode, let's analyze that bunch of binary, let's try to see if there is something readable, the hexadecimal readable spectrum goes from 21 to 7E hex or 33 to 127 decimal see man ascii:

#include <stdio.h>
#include <string.h>

char * code = "\xf7\xe6\x52\x48\xbb\x2f\x62\x69\x6e\x2f\x2f\x73\x68\x53\x48\x8d\x3c\x24\xb0\x3b\x0f\x05";

int main () {

    for (int i = 0; i < strlen(code); i++) {

        if ((int) code[i] > 33 && (int) code[i] < 128) {

            printf("%c", code[i]);

        }

    }

    printf("\n");

    return 0;

}

The output of the previous is:

RH/bin//shSH<$;

So we see something like "/bin//sh", well interesting but this is not the right way to go, A better approach is to look at the assembly code, which is how I wrote the shellcode in the first place.

Disassembly of section .text:

0000000000400080 <_start>:
  400080:   f7 e6                   mul    esi
  400082:   52                      push   rdx
  400083:   48 bb 2f 62 69 6e 2f    movabs rbx,0x68732f2f6e69622f
  40008a:   2f 73 68 
  40008d:   53                      push   rbx
  40008e:   48 8d 3c 24             lea    rdi,[rsp]
  400092:   b0 3b                   mov    al,0x3b
  400094:   0f 05                   syscall 

What the shit is "0x68732f2f6e69622f"?? Yeah my first reaction to, it is actually super straight forward, remember "/bin//sh" from 10 seconds ago? Well that is that:

                    | Lets take a look at this piece |
\xf7\xe6\x52\x48\xbb \x2f\x62\x69\x6e\x2f\x2f\x73\x68\ x53\x48\x8d\x3c\x24\xb0\x3b\x0f\x05

\x2f \x62 \x69 \x6e \x2f \x2f \x73 \x68\

Now there is something called little endian, I always forget about. you need to reverse per 8 bytes ea 64 bits

\x68\ \x73 \x2f \x2f \x6e \x69 \x62 \x2f

0x68732f2f6e69622f

hs//nib/

which if we reverse is /bin//sh

But why /bin//sh and not /bin/sh, the most simple explanation; otherwise it won't work, you need the 2 "/" in the middle. There is another magic code in the assembly "0x3b", which is hex for 59, which is the opcode for the linux system call execve, see https://filippo.io/linux-syscall-table/ for a complete list about syscall codes.

Better commented assembly code:

Disassembly of section .text:

0000000000400080 <_start>:
  400080:   f7 e6                   mul    esi ; zero out value esi
  400082:   52                      push   rdx ; push the value in rdx to the stack
  400083:   48 bb 2f 62 69 6e 2f    movabs rbx,0x68732f2f6e69622f ; /bin/sh in hexadecimal
  40008a:   2f 73 68 
  40008d:   53                      push   rbx ; push the string "/bin/sh" to the stack

; load the memory address of the stack pointer, which points to "/bin/sh"  
  40008e:   48 8d 3c 24             lea    rdi,[rsp]

; load the value 59 into register al, which is used as an identifier for system calls  
  400092:   b0 3b                   mov    al,0x3b 

; execute the system call according to the value in register al  
  400094:   0f 05                   syscall

Probably some people will ask: "But how can I hack with this?". Well there are 2 ways that I know of:

  • The first is inserting it, I am not going to explain this, there is enough on the internet about it. The way it goes is, a program has an ordered stack of instructions, when an instruction ends, the CPU will move on to the next instruction. Now at a certain point you insert shellcode in the program trying to move it between 2 instructions and with the goal that if an instruction ends and your CPU moves on the the next one it will execute your shellcode instead. This is possible by the fact you overflow a buffer so that the overflowed part is overflowing into the memory part where the instructions are. Your shellcode is part of the overflowing data and with some tweaking with a NOP sled, which are useless instructions added in front of your shellcode to move your shellcode to the right spot in memory.

  • The second way is let a person execute it. The oldest way in the book and still the most effective is social engineering of course. A simple fake website with a valid ".exe" and you are good to go. Now here is a catch of course. You need to bypass antivirus, IDS or IPS. So what you need to do is obfuscate your payload, a very easy trick to do is apparently using a XOR'ing method on your payload. but it does not work a 100% at this moment, so it will be for another post.
1
<#> Read more <#>

My top 5 ethical hacking books

Apr 20, 2018

updated at: Jun 10, 2018

0 comments

I'm very interested in security, moreover penetration testing. I started to read some books and here is my top 5!

Hacking the art of exploitation 2nd edition

By Jon Erickson.

Amazon.co.uk

This book is 10 years old, but boy I learned a lot. If you want to get started in the hacker field and you want to go balls deep directly this is the book to go with. The goal of this book is not to learn how to hack but how things really work. The book first explains what assembly is and how code gets read by the computer, next you get an introduction to C and after that the fun starts. You learn about creating reverse shells, how to capture and modify packets, encryption, buffer overflows and shellcode. What I really liked was the shellcode part and debugging memory, the sad part is that the book only covers 32 bit architecture so almost nothing works when copying code (but you are a hacker so you should find out how it works on your architecture!). I really hope one day there will be a 3rd edition.

Pro's

  • Well explained.
  • After reading this book you most likely will look at things differently.

Cons

  • Covers only 32 bit processors.

The Hacker playbook 2

By Peter Kim.

Amazon.co.uk

On a penetration test when you are out of ideas for exploiting for example, open this book at the correct chapters and continue your pentest. This is what the book is intended for, it is something you bring with you, open at a specific chapter and get that shell.

NOTE: The Hacker Playbook 3 got recently released and is more focussed on red teaming.

Pro's

  • Hands on guide for penetration tests.

Cons

  • None

Black hat python

By Justin Seitz.

Amazon.co.uk

Very good coverage of what you can do with Python. It starts with building little tools like tcp_server, netcat, tcp_proxy all in python step by step guide. And ends with Windows privilege escalation and automating forensic tools.

Pro's

  • Very hands on, good code coverage and explanation.

Cons

  • Python2 only.

Red team field manual

By Ben Clark.

Amazon.co.uk

This is not a real book, it's a book full of cheatsheets for various stuff like reverse shells in different languages, firewall ports, Windows NT version explanation and so on.

Pro's

  • This is the cheatsheet you want on tests.
  • Thin but very informative.

Cons

  • Little small font to read.

Advanced penetration testing

By Wil Allsopp.

Amazon.co.uk

This book is not like the others; a tutorial. It wants to show you how things are really done in the real world, it explains what an advanced persistent threat (APT) is and how to model it in the real world. One of the scenario's was connecting to your C2 server via DNS or via TOR, which was very interesting.

Pro's

  • Real world examples, very detailed.

Cons

  • None
1
<#> Read more <#>

My experience with Pivpn, openvpn for Raspberry Pi

Feb 14, 2018

0 comments

Pivpn is an opensource project for making it easy to transform your Raspberry Pi into a VPN server.

It is very easy to install:

$ curl -L https://install.pivpn.io | bash

Follow the wizard and you will be having a VPN server in no-time. The only thing I changed was creating a stronger key: 4096 bit.

But in the end it did not work, so I started debugging. First I checked for sockets:

# ss -tulpn
0      128              *:22         *:*     user:    (("sshd",pid=506,fd=3))

But it looks only ssh port is open, however here is a catch, ss does not show open UDP ports (openvpn uses UDP) on ARM devices, this is a bug. So another tool to see open sockets is netstat.

# netstat -tunap
...
udp        0      0 0.0.0.0:1194            0.0.0.0:*                           3176/openvpn
...

So openvpn is running and the socket is open. Next I looked at the strace output, by running openvpn manually on my Raspberry Pi:

# strace /usr/sbin/openvpn --verb 11 --config /etc/openvpn/server.conf --writepid /run/openvpn/server.pid

And it kept spitting out these lines over and over:

poll([{fd=5, events=POLLIN|POLLPRI}, {fd=4, events=POLLIN|POLLPRI}], 2, 10000) = 0 (Timeout)
poll([{fd=5, events=POLLIN|POLLPRI}, {fd=4, events=POLLIN|POLLPRI}], 2, 10000) = 0 (Timeout)
lseek(3, 0, SEEK_SET)                   = 0
write(3, "TITLE\tOpenVPN 2.4.0 arm-unknown-"..., 134) = 134
stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=127, ...}) = 0
write(3, "TIME\tTue Feb 13 19:53:44 2018\t15"..., 41) = 41
write(3, "HEADER\tCLIENT_LIST\tCommon Name\tR"..., 175) = 175
write(3, "HEADER\tROUTING_TABLE\tVirtual Add"..., 89) = 89
write(3, "GLOBAL_STATS\tMax bcast/mcast que"..., 44) = 44
write(3, "END\n", 4)                    = 4
lseek(3, 0, SEEK_CUR)                   = 487
ftruncate(3, 487)                       = 0

First I thought there was something wrong with my time but then I saw the string "ROUTING TABLE", I was hoping I did not need to edit my iptables but I had to add these 2 lines to forward the vpn tunnel.

-I FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-I FORWARD -i tun0 -o eth0 -s 10.8.0.0/24 -j ACCEPT

And it worked! Conclussion blame manual written iptables!

1
<#> Read more <#>

connecting to 802.1X wlan with only wpa_supplicant

Nov 17, 2017

updated at: May 28, 2019

0 comments

Intro

A couple of days ago I reinstalled Arch Linux on my little laptop, however I had no option to connect to Ethernet. Also I had no open WiFi network nor WEP/WPA2 protected. Well technically I had a phone so I could connect to it's hotspot or could connect to the 802.1X network trough USB tethering, I'll explain how to connect to USB tethering briefly.

If you have an android phone and want a quick connection just connect your laptop and phone trough USB and enable USB tethering in the settings of your phone. Next add a network file to /etc/systemd/network/ for example: 50-wired.network. put in:

[Match]
Name=eth1 # the network interface which connects to your phone
[Network]
DHCP=ipv4 

The last stap is to start systemd-networkd.service and systemd-resolved.service and you should be good to go.

Connection to 802.1X

So the real thing now, I am at university and the only WiFi network I have is eduroam, it is PEAP protected so I can't just connect with wifi-menu. In the normal world you would use Connman or NetworkManager however I don't have this installed.

First let us scan the network:

Before we do that we need to make sure wpa_supplicant is running, make a file under /etc/wpa_supplicant/ for example: example.conf:

ctrl_interface=/run/wpa_supplicant # the socket
update_config=1

And run:

# wpa_supplicant -i wlan0 -c /etc/wpa_supplicant/example.conf

If wpa_supplicant is started successfully we can open wpa_cli.

# wpa_cli

wpa_cli does not scan the network on my machine so I need to run iw wlan0 scan first.

Next run these commands in the interactive wpa_cli mode:

# scan
# scan_results

and you should see all the SSIDS.

Edit the file under /etc/wpa_supplicant/example.conf or make a new on and put in:

ctrl_interface=/run/wpa_supplicant # the socket
update_config=1

network={

    ssid="eduroam"
    scan_ssid=1
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="example"
    password="example"
    phase2="autheap=MSCHAPV2"
    anonymous_identity="example" # just erase this if you don't need

}

launch it with:

# wpa_supplicant -i wlan0 -c /etc/wpa_supplicant/example.conf -B # -B is run in background

Next we will ask for an IP-address:

# dhcpd

And we have internet!

1
<#> Read more <#>

Docker web stack securing with Lets Encrypt

Oct 22, 2017

updated at: Oct 26, 2017

0 comments

In my last post I showed how to scale with Docker swarm and Vagrant. Now I will build upon this and add SSL encryption to my Nginx with Lets Encrypt, also with a Docker of course, image used: kvaps/letsencrypt-webroot.

My Docker web-stack:

version: '3'

networks:
  webproxy:
    driver: overlay

services:

    php:
        restart: always
        image: php:7-fpm
        ports:
            - "9000:9000"
        volumes:
            - /http:/http
        deploy:
            replicas: 15

    nginx:
        hostname: sevaho.io
        restart: always
        image: nginx:alpine
        ports:
            - "80:80"
            - "443:443"
        volumes:
            - /conf.d:/etc/nginx/conf.d
            - /http:/http
            - /tmp/letsencrypt:/tmp/letsencrypt
            - /etc/letsencrypt:/etc/letsencrypt
        environment:
            - LE_RENEW_HOOK=docker kill -s HUP @CONTAINER_NAME@
        links:
            - php
        deploy:
            replicas: 15

    letsencrypt:
        restart: always
        image: kvaps/letsencrypt-webroot
        volumes:
            - /var/run/docker.sock:/var/run/docker.sock
            - /etc/letsencrypt:/etc/letsencrypt
            - /tmp/letsencrypt:/tmp/letsencrypt
            - /http:/http
        links:
             - nginx
        environment:
             - DOMAINS=sevaho.io www.sevaho.io
             - EMAIL=sebastiaan@sevaho.io
             - WEBROOT_PATH=/http
             - EXP_LIMIT=30
             - CHECK_FREQ=30

    redis:
        restart: always
        image: redis:alpine
        ports:
           - '6379:6379'
        deploy:
            replicas: 3
        links:
            - nginx

NOTE: I use the alpine image of Nginx because this is smaller and is a little bit faster. I want to use the alpine image of PHP but I experience problems with PHP sessions so I keep the default. Also the Redis service is also added but you can leave it out if you don't use it. Also launch PHP before Nginx otherwise Nginx will say it can't find PHP socket.

2 new directories:

  • /etc/letsencrypt : Used for storing the keys.
  • /tmp/letsencrypt : Used for the acme-challenge.

And the Nginx:

server {

    listen 80;

    server_name sevaho.io;

    location ^~ /.well-known/ { # needed for Lets encrypt (acme-challenge)

        root /http;

    }

    location / { # always load the https version

        return 301 https://$server_name$request_uri;

    }

}

server {

    listen 443 ssl default_server;
    listen [::]:443 ssl default_server;

    server_name sevaho.io;

    root <>; # add your root folder here

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

    ssl_certificate /etc/letsencrypt/live/sevaho.io/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/sevaho.io/privkey.pem;

    index index.html index.php index.htm index.nginx-debian.html;

    error_page 404 /404.html;
    error_page 500 502 503 504 /50x.html;

    location / {

        try_files $uri $uri/ /index.php?$query_string; # I use a Laravel application here

    }

    location ~ \.php$ {

        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass php:9000; # connection with the php container
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;

    }

}

It took some try and error to figure it all out, but at the end I got it all working ;).

1
<#> Read more <#>

Scaling with Docker swarm and vagrant

Oct 22, 2017

0 comments

Introduction

A couple of days ago I had the idea of scaling my server, if someone says scaling he says containers of course. So I went looking on how I could scale my server, well actually I don't need high end scaling but where is the fun in that? I came across 3 main container orchestrators: Kubernetes, Swarm and Mesos. I have experience with Docker so I went with Docker swarm to manage the scaling.

My server specs:

  • i7 3th gen
  • 8gigs of ram

Before setting it up I will explain some tools:

Tool What does it do?
Vagrant Utility to automate and manage virtual machines.
Dockerfile You probably know this one, this file is used to build images.
Docker-compose This utility is used to deploy multiple services that have a relationship with each other. Services are made from images. You will write all this in a YAML file. (used for testing)
Docker stack Uses the same YAML file as in Docker-compose, but with Docker stack you can use a deploy function which let you deploy multiple instances of the same service to a swarm. (used for deployment)
Docker swarm The heart of managing all the services. Multiple vm's can be setup inside a swarm. In this swarm you can deploy and scale services.

Setup

To make use of scaling you need machines in my case I will use virtual machines backed by virtualbox. A very handy tool to automate and manage vm's is by using vagrant. I will use 4 vm's where 1 is the manager and 3 slaves. A manager will manage the slaves so that your services will be divided equally over your vm's, and if by accident a slave vm goes down it will take the services from that vm and put it on an other.

So my vagrant directory will look like this (my pwd: /home/sevaho/vagrant):

$ tree -L 2
.
├── [sevaho   4.0K]  conf.d
│   └── [sevaho    737]  default.conf
├── [sevaho   4.0K]  http
│   ├── [sevaho    209]  index.php
├── [sevaho   4.0K]  swarm_slave_1
│   └── [sevaho   1.2K]  Vagrantfile
├── [sevaho   4.0K]  swarm_slave_2
│   └── [sevaho   1.2K]  Vagrantfile
├── [sevaho   4.0K]  swarm_slave_3
│   └── [sevaho   1.2K]  Vagrantfile
└── [sevaho   4.0K]  swarn_manager
    └── [sevaho   1.2K]  Vagrantfile

Contents of a Vagrantfile:

$script = <<SCRIPT
sudo apt-get install curl -y
curl -fsSL get.docker.com -o get-docker.sh
bash get-docker.sh
sudo usermod -aG docker vagrant
sudo curl -L https://github.com/docker/compose/releases/download/1.16.1/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
SCRIPT

Vagrant.configure(2) do |config|

    config.vm.box = "debian/jessie64"

    config.vm.network :private_network, ip: "192.168.56.12"
    config.vm.network "forwarded_port", guest: 80, host: 5000, auto_correct: true

    config.vm.synced_folder ".", "/vagrant", disabled: true
    config.vm.synced_folder "/home/sevaho/vagrant/http", "/http/", owner: "www-data", group: "www-data"
    config.vm.synced_folder "/home/sevaho/vagrant/conf.d", "/conf.d/", owner: "www-data", group: "www-data"
    config.vm.provision "shell", inline: $script
    config.vm.provider "virtualbox" do |vb|

        vb.gui = false
        vb.name = "swarm_slave_2"
        vb.memory = 1024
        vb.cpus = 1
        vb.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
        vb.customize ["modifyvm", :id, "--natdnsproxy1", "on"]

    end

end

This vagrantfile is from slave number 2, the things you will need to change for the other ones are:

  • ip-address
  • name

NOTE: I am forwarding port 80 from the vm to port 5000 of my server, this is very important so I can see output on this port. Also you need "natdnshostresolver1" and "natdnsproxy1" to be set otherwise you can't connect from outside of the vm to the inside except ssh.

Contents of default.conf (nginx file):

server {

    listen 80;
    server_name 127.0.0.1;
    index index.php index.html;

    error_log  /var/log/nginx/error.log;
    access_log /var/log/nginx/access.log;

    root /http;

    location ~ \.php$ {

        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass php:9000;
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;

    }

}

Contents of index.php:

<?php

    echo "<p>".$_SERVER['SERVER_ADDR']."</p>";
    echo "<p>".$_SERVER['SERVER_PORT']."</p>";
    echo "<p>".$_SERVER['REMOTE_ADDR']."</p>";
    echo "<p>".$_SERVER['REMOTE_HOST']."</p>";

Now you can deploy the vm's by running the following command in each directory:

$ vagrant up

Docker swarm

Docker is installed everywhere and our user vagrant is part of the docker group which means we don't need to run as root.

Ssh in your manager machine by running in it's directory:

$ vagrant ssh

Now you can setup a swarm by entering:

$ docker swarm init --advertise-addr 192.168.56.10

We need to advertise an address and I assigned 192.168.56.10 to my manager vm so we will go with that.

Now you will see something like this:

you can join in this swarm by:

    docker swarm join --token <token>

So we will execute this command in all the slave vm's!

To make sure all the vm's are in the swarm run this command in the manager:

$ docker node ls # you can see who is in the swarm

Now back the the manager vm, make a file (fe. website.yml) and fill it with:

version: '3'

services:

    nginx:
        image: nginx:latest
        ports:
            - "80:80"
        volumes:
            - /conf.d:/etc/nginx/conf.d
            - /http:/http
        links:
            - php 
        deploy:
            replicas: 15

    php:
        image: php:7.0-fpm
        volumes:
            - /http:/http
        deploy:
            replicas: 15

Now you can run (still inside the manager vm):

$ docker stack deploy -c website.yml website # website is just a name

Some magic will happen, Docker swarm will scale 30 services (15x nginx, 15x php) over your vm's. If you enter the following command a couple of times you will see the real magic happen, the server address will change constantly because you will be on a different nginx service container:

$ curl <host-ip>:5000

You have officialy scaled containers!

EDIT:

My output of some curl fun:

$ ~ ❯ curl https://sevaho.io/swarm.php                  
<p>Docker swarm node : 10.255.0.117:443</p><p>Your IP: 196.45.124.64</p>%  
$ ~ ❯ curl https://sevaho.io/swarm.php            
<p>Docker swarm node : 10.255.0.104:443</p><p>Your IP: 196.45.124.64</p>%   
$ ~ ❯ curl https://sevaho.io/swarm.php             
<p>Docker swarm node : 10.255.0.114:443</p><p>Your IP: 196.45.124.64</p>%   
$ ~ ❯ curl https://sevaho.io/swarm.php                    
<p>Docker swarm node : 10.255.0.100:443</p><p>Your IP: 196.45.124.64</p>%
1
<#> Read more <#>

Getting started with trading crypto on Gdax

Sep 23, 2017

updated at: Oct 2, 2017

0 comments

It's September 2017 and it's still not that easy to buy Bitcoin, Ether or any other cryptocurrency. Let me show you how you can start trading the big three cryptocurrencies: Bitcoin, Ether and Litecoin on Gdax without fees or commission.

NOTE: Coinbase and Gdax are the same company. Coinbase is the wallet you will use and Gdax is the trading platform.

Get a Coinbase wallet

First of all we need a wallet to be able to deposit funds so that we are able to buy some cryptocurrencies. Go to https://www.coinbase.com, fill in your email address and press Get Started.

Fill in the needed fields and continue as you will see Coinbase will send you an e-mail. Go to your mailbox and open the link in the mail now the real authentication comes. First of all you need to have a valid phonenumber so Coinbase can send you an authentication token. The next step is uploading the passport/ID.

If you are in a another country then where your bank/phone is registered, for example I live in Belgium but I registered in Czech Republic, you must do an additional step. I will enlighten it later.

Next you will need to verify a payment method, you will need to send money to a given bank address with a given phrase. They will ask you for a SEPA amount, it can be anything you want, if you are unsure like I was in the beginning just send 0.01 euro. It took me 2 days to get the money verified.

Uploading passport/ID

This is a tricky part because it must be all readable and clear. The easiest thing you can do is to do this via webcam and take pictures with it of your ID. If it does not work at first fear not, on my first try I failed so many times I needed to wait 24 hours to retry again, hope you can do better!

Change country

So if you are not in your home country. Skip the remaining steps and go to the right upper corner in the dashboard and click on your avatar. Next go to settings and scroll down. There you will find a button to change the country. Follow the steps.

Depositing money

Now the fun part comes, depositing money on our account! Go to the Coinbase's dashboard and click on accounts scroll down in the main window until you see Euro and press deposit. Now you can upload more money, a good amount to start with (this is purely subjective) is 1000euro.

Always write down the phrase that you are given when you want to deposit money. and double check, triple check, ... the phrase when you send money to Coinbase.

Now if you have received a mail that the money is deposited, mostly within 2-3 days, you can go to https://www.gdax.com.

Trading on Gdax

Now we will deposit our money from Coinbase to Gdax so we will be able to trade it. Go to deposit -> coinbase account and get that money to gdax!

Trading without fees

So first of all you can just buy/sell crypto with the buttons you see in the left on Gdax this is how Coinbase makes it's money. There is however a small button limit next to market, press it.

In the upper left corner you can change the cryptocurrency. Bitcoin is transacted the most then Ethereum and then Litecoin.

Now you need to set the amount you want to buy and at which price. As you can see there are red numbers and green numbers changing all the time, the red numbers is what people are selling, the green what people are buying. Press the green number closest to the middle this price will appear in the limit window, insert how much you want to buy and press submit!

Do not be nervous when submitting a limit order, you can cancel at any time at the window in the bottom of the screen without a fee. So you can just try and repeat whenever you want. You probably want to do this to find the right price.

If you have bought some crypto just set a sell limit with the price you want to sell it for and wait till it sells.

Good luck with trading crypto!

1
<#> Read more <#>

My first post!

Sep 18, 2017

updated at: Sep 19, 2017

1 comment

Hello World!

My first post ever on my new blog, It took some time but here we are. So what will this guy write about this time you may ask, Well I'm a freshman to blogs so I have not found a common structure yet, but I definitely will.

So what is this blog about?! I will write about IT/Technology (no shit Sherlock). Topics I have in mind are:

  • Linux
  • Networking
  • Making Wayland applications
  • LPIC (Linux Professional Institute Certifications) preparations
  • Dwarf Fortress
  • Cryptocurrency / Segwit
  • Incron / inotify
  • Docker and wtf is user namespacing
  • How to write clean code
  • Security
  • Code (Python, PHP, C, ASM)

I won't write in that order tho, just some random topics which I really find interesting.

As you clearly thought this blog has indeed no comment section, I am currently working on that. I don't like to sign up to other blogs to post comments so I want to let people post comments without any form of authentication. Well of course this looks like a big no no but I think it's do-able and can be done securely.

I am thinking about storing the ip-address with the comment and have a limit on comments/ip, but this needs more fine-tuning and more think work.

If you would like to know how I made this website/blog:

<?php

  define("FRAMEWORK", "Laravel");
  printf("I made it with the most awesome PHP framework: ".FRAMEWORK."!");

I also used vanilla Javascript and Sass, Sass is a really helpful to write css, I didn't use it at first but I wish I had met it sooner. Css code will get really messy if you don't pay attention. If you think you can handle vanilla css, you won't! use Sass life will be so much easier.

This was my first post hope to see you at the next one!

EDIT

I have a comment section now! Click on the title to write a comment.

1
<#> Read more <#>