Python for fun and profit

I have been honing my Python skills on a couple of projects recently. One is the famous (or infamous) Python Challenge which has been interesting, but its not where I have spent the bulk of my time. The other is some work related scripting in jython for Websphere automating some tasks for developers (pausing and resuming activation specifications) in their test environment. But was has challenged me the most and captured the majority of my attention is the Matasano Crypto Challenge. [Read More]

Reverse XOR'ing WebSphere Passwords

Some of the lessons I’ve learned from the Matasano Crypto Challenge has already had unexpected practical application for a common issue I encounter at work. Sometimes, people forget things, don’t document things especially in dev environments (hopefully not so much in production), one of those things is passwords, passwords for database accounts, or for an account that has some authorization the application needs. If a dev forgets a password or can’t find where it was documented, it’s many times better to just recover the password, rather then reset the password, especially if the account is used by the application in local dev environments, etc. [Read More]