Assalam-o-Alaikum, how are you, Rafay? Rafay, whenever we hear the word “hacking”, only a negative image pops up in our minds. How do you explain the term “White-hat hacking” or “Ethical Hacking”, and how do you draw the line between “good hackers” and “bad hackers”?
Back in the 90s, hackers used to be referred to as individuals with great programming skills; however, with time the media made up this perception that hackers are individuals involved in various cyber crimes such as hacking bank accounts, conducting financial frauds etc. Therefore, in order to differentiate individuals doing hacking with prior permission, our community came up with names such as Ethical Hackers, White-Hats and Penetration Testers. The difference between Hacking and Ethical Hacking is the integrity. A bullet can be used to kill a person and it can be used to protect someone; what it comes down to is the integrity part.
This explanation was really enlightening. Could you please shed some light on how you developed the curiosity to learn hacking and what obstacles you had to face?
It all started 8 years ago, when I received a message in my scrapbook which described a software that would increase my scrapbook number. I installed that software; however, nothing initially happened. Later, I noticed weird activities on my computer, as in my screensaver and desktop background got changed, unusual mouse movement and several other weird indicators, which eventually led me to conclude that my system had been compromised.
Later on, after searching on the internet for days and applying different techniques, I figured out that my computer was connected to and being controlled by an IP address based in Russia. This made me curious about how someone based in another part of this world was capable of controlling my computer remotely, but later on I realized that this is how the internet works; the basic purpose behind the internet was that everyone should connect with each other.
Could you please introduce our audience to your latest and ongoing projects?
Just recently I authored a white paper on “Bypassing Browser Security Policies For Fun and Profit”, which was presented at the Black Hat conference. I released a “Browser Security Testing Mini Toolkit” which can help fellow researchers test browsers for security vulnerabilities. The findings of this research were featured in Forbes, The Wall Street Journal and even on the BBC.
Currently, I am working on a White-Paper about “Bypassing Modern WebApp Firewalls” which is expected to be released in the first week of September.
Back in 2013, you appeared on the horizon with a big success when CheckMarx, an Israel-based information security publication, declared you one of the world’s top 5 ethical hackers. How did you feel after getting this title and honor, and what was the story behind this success?
The honor lies in the fact that someone from Pakistan was a part of the list. What got me onto the list was my research on Android browsers, which affected more than 1 billion devices.
Many Pakistani freelancers and digital entrepreneurs dream to have a PayPal account, but they simply cannot and they have to use some foreign friend’s account, but you are a person who gets a job offer from PayPal and receives a check of $10,000. Would you please share this story with our readers? What is it that you did for PayPal?
PayPal is not available in Pakistan; however, I think bitcoin will become a better alternative in the coming days. I discovered several critical flaws in PayPal, one of them being a “Remote Code Execution” vulnerability which allowed me to take complete control of their server. I was offered a job by PayPal, which I couldn’t opt for as I was an undergraduate student at that time.
Your book “Ethical Hacking and Penetration Testing Guide” is just another feather in your crown. Would you please tell our audience as to what this book is about, how helpful it can be and where they can get this book from?
The book is specifically designed for people who have no prior knowledge about the subject of “Ethical Hacking”. The book does not only focus on theoretical concepts, but also helps readers apply the techniques learnt in the real world. The book also contains some cutting-edge, research-based topics which haven’t been covered in any other books written on the same subject.
You have been conducting security research for more than 6 years and your research mainly revolves around bypassing server-side protections or other security mechanisms to unveil the vulnerability of famous programs and networks. How do you ethically defend attacking the security mechanisms of the world’s top-notch IT companies?
Personally, I think offense is the best form of defense. I spend time discovering security issues in the defense mechanisms themselves, such as “IDS, IPS and Firewalls” at the network and application level, and in security policies such as “Same Origin Policy” and “Content Security Policies” in browsers, in order to improve their security posture.
Rafay, the Government of Pakistan has just passed the Cyber Crimes Bill and it is now the law of the land. Being an IT specialist and a digital nomad, how do you look at this bill and do you agree with its contents?
We should be thankful that legislation has been made in our country for cyber crime, just like in other developed countries in the West. However, at the same time, we should also address the shortcomings of this bill. In Pakistan, the problem lies with the execution of the legislation. Do our executors have the relevant knowledge and experience in order to interpret and analyze the evidence?
Secondly, the cyber-bill does not protect bug bounty hunters and researchers who find vulnerabilities in systems and applications and responsibly disclose them to the relevant system owners without exploiting them or causing any harm to their user base. The bill treats bug hunters and blackhat hackers as the same.
Third, the bill should be very specific about what it means when it talks about Cyber-Terrorism, as there is a fine line of difference between Cyber Terrorism and Cyber Crime.
Recently, a 14-year-old Pakistani kid, Muhammad Shahzad, earned his place in Google’s hall of fame. He is one of the youngest globally acclaimed ethical hackers. What would you say about his success, and what is your advice to tech-savvy Pakistani youth who would like to get into ethical hacking?
I think Shahzad is doing a great job and I am happy to see our youth getting into the field of “Information Security”. Our Government should utilize their skillset and give them lucrative opportunities before they go abroad, resulting in a brain drain.
The advice would be to get into web application security, as all attacks nowadays are based on the application layer, and to get into bug bounty hunting. A lot of my friends and students, such as “Hammad Shamsi”, are making a living out of bug hunting. However, before getting into bug hunting, I would recommend beginners learn how applications really work and how databases work. The backend knowledge of how applications really work would give you a better idea of where to look for vulnerabilities.
Follow well-known security researchers and bug bounty hunters on Twitter and Facebook, read their write-ups, learn their methodology and apply the same in the real world. One of the keys to finding bugs is to enumerate; the better you enumerate, the more chances there are that you would find bugs.
Rafay, every human being owes their success to some people in their life. Mostly these people are parents, siblings, teachers/trainers or close friends. Who do you owe this success to, and who would you like to thank through this interview?
There are several people that have helped me in this journey; I would name “Syed Asim Ali Rizvi”, “David Veiria”, “File Descriptor”, “Giuseppe Trotta”, “Pepe Vila” and several others.
Recently, The Intercept released some documents which revealed that the NSA, an American agency, is spying on Pakistan’s political and military leadership. What are your observations on whether Pakistan can defend the cyber space of the country or can diagnose these kinds of penetration?
I think Edward Snowden’s leaks have strong credibility; therefore the leak must be treated seriously. There is no way we can completely defend against attacks; all we can do is minimize the risk. For that purpose a “Cyber Security Unit” must be established which would function as a national-level CERT, and which should be focused on finding and fixing vulnerabilities in Pakistan’s critical infrastructure. Any electronic products, such as mobile handsets and IoT devices, should be reviewed by the Cyber Security Unit for possible backdoors before they are released to the market. Last, but not least, the unit should also perform the responsibility of raising awareness about cyber security among the masses.
What do you do in your free time?
It’s highly unlikely that I get free time; I am almost all the time occupied with one thing or another, but whenever I do, I play the piano or harmonium, which helps me recover from the stress that I undergo due to loads of work.
It was very nice talking to you, and we believe that our readers would feel more confident talking and learning about ethical hacking. Thank you so much for this interview.
Interviewed by Bilal Ahmed