Setup a Linux ARM virtual machine

We will use QEMU, and if you are under a Debian based distro you can install it with:

sudo apt-get install qemu-system-arm

Download the following files from here:

  • debian_wheezy_armel_standard.qcow2
  • initrd.img-3.2.0-4-versatile
  • vmlinuz-3.2.0-4-versatile

In a nutshell, use this command:

qemu-system-arm -L Bios -M versatilepb -kernel vmlinuz-3.2.0-4-versatile -initrd initrd.img-3.2.0-4-versatile -hda debian_wheezy_armel_standard.qcow2 -append "root=/dev/sda1" -m 256 -net nic -net user -redir tcp:2222::22

SSH is already installed, so you can reach the vm with:

ssh root@localhost -p 2222

With password “root”.

How many bits are there in a Byte?

8. Yes, sometimes…

Whereas the bit is well defined:

  • A bit is the basic unit of information in computing and digital communications.
  • A bit can have only one of two values, and may therefore be physically implemented with a two-state device.
  • The values of a bit are most commonly represented as either a 0 or 1.

Instead the size of one Byte, as described in the Jargon file, is architecture-dependent and, more precisely, is a unit of memory or data equal to the amount used to represent one character. In the same link, or in the wiki page, is also explained that there were architecture with 6, 7, or 9 bits… or they operated on bit fields from 1 to 36!

Obviously is extremely convenient that, from the architecture/hardware prospective, a Byte is the smallest addressable unit of memory: for this reason every operation that involves data exchange between the CPU and the RAM is made with Byte sizes or its multiples (Word, Double Word and Quad Word).

We agree that the popularity of major commercial computing architectures has aided in the ubiquitous acceptance that a Byte is 8-bit size, but we must remember that it is only a standard (de facto).

You can see it by yourself. Compile and run this C code with gcc on your Linux machine:


int main() {
    printf("%d Byte = %d bits\n", sizeof(char), __CHAR_BIT__);
    printf("%d Byte = %d bits\n", sizeof(int), sizeof(int)*__CHAR_BIT__);
    return 0;
1 Byte = 8 bits
4 Byte = 32 bits

More in depth we can see this program:

int main() {
    int n = 42;
    char buffer[64]; 
    return 0;

That become (compiled with gcc on a 32 bit machine without optimizations flags):

Dump of assembler code for function main:
0x08048394 <main+0>: push ebp
0x08048395 <main+1>: mov ebp,esp
0x08048397 <main+3>: sub esp,0x50
0x0804839a <main+6>: mov DWORD PTR [ebp-0x4],0x2a  ; 0x2a=42 
0x080483a1 <main+13>: mov eax,0x0
0x080483a6 <main+18>: leave 
0x080483a7 <main+19>: ret 
End of assembler dump.

It needs 4 Byte = 32 bit (Double Word) for the int and 64 Byte = 512 bit for the buffer, so the highlighted instruction means that the ESP is moved 0x50=80 addresses downwards.

0x10=16 addresses and 0x40=64 respectively.

But if  the smallest addressable unit of memory  (in this arch) is 8 bit this implies that for 32 bit we need also 4 addresses. So, why 16 addresses for an int? Alignment.

How to sniff HTTPS from Android app


  1. Rooted device with ProxyDroid installed.
  2. “Computer” with Burp installed.

Let’s start

Launch Burp from your computer.

Proxy -> Options -> Proxy Listeners

Uncheck current “running” proxy, the Add a new Proxy Listener.


  • Bind to port: 8080
  • Bind to address: All interfaces


From the button below, export CA certificate in DER format.

Now change the file extension into .cer and push it in a user-browsable folder on your device. E.g.: I connected the device to the computer and I used adb.

mv burpcert.der burpcert.cer
adb push burpcert.cer /sdcard/Download

While you’re there, take note of your ip address (in this example I’ll use

Device configuration

Settings -> Security -> Install certificates from storage

Select the pushed .cer certificate (obviously), and give it a name.

You’ll be warned that your traffic  may be monitored (obviously).

Install ProxyDroid.


  • Host: your pc address
  • Port: 8080
  • Proxy Type: HTTP (no HTTPS, I’m sure!)

I suggest to choose, under Feature Settings, the Individual Proxy configuration so that you can choose only the app of which do you want to sniff the traffic.

Enable Proxy Droid and enjoy.

Install tor on Ubuntu 15.10

From command line:

sudo gedit /etc/apt/sources.list.d/tor.list

in this file write those lines:

deb wily main
deb-src wily main

save, then run:

gpg --keyserver --recv 886DDD89
gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
sudo apt-get update
sudo apt-get install tor

Now you can find a folder named “tor-browser_en-US” in your home folder that contains the Tor Browser.

It comes with readily configured Tor and a browser patched for better anonymity.