DJ SPACIES
"If I have seen further it is by standing on the shoulders of Giants."
whoami
Dj Spacies was a hot-shot Dubstep DJ hailing from Auckland, New Zealand in the late 2000s.
I hung up my headphones many years ago and made the move to Brisbane, Australia with my family.
You’re probably here to read about my foray into Cyber Security, there’s a whole section on that further down the page, I’ve also written about some of my other hobbies and interests in the Projects section.
Admittedly most of my hobbies are related to electronics, technology, and drifting….. yes drifting! I’ve got a 1989 Toyota Cressida which I like to slide around sideways on the tarmac from time to time at Archerfield Drift Park, you can check out that section too if you would like.
I usually have several projects on the go at any one time. The most current project being the creation of this website from the ground up! It’s been a fantastic learning experience
CYBER SECURITY
From zero to greater than zero.
My journey into Cyber Security and Pentesting.
PROJECTS
Modchipping retro game consoles, ROM reversing and emulation, disassembly, different bits and pieces to keep me off the streets.
CAR STUFF
Drifting, Engine conversions, Fabrication, V8's, turbo's... Just cool car stuff if thats your thing.
**October 2022 Update**
I made it! I’m a fully Koalified pentester!
I started in February of this year with a security firm and am now running my own engagements end to end and loving it.
Where to from here? Just keep on learning and improving, I may be tempted to pick up another course similar to the OSCP at some stage in the near future.
When I first embarked on this journey I just thought it was cool to hack stuff, though over time I have developed a genuine love for helping organisations to achieve their security goals. Hack the Planet! Secure Australia!
================================================================================================================
How does one make the transformation from a construction worker to an ethical hacker, and why? Well, I’m about to tell you about my experience.
I began my career as an electrician and have been in the industry for over 15 years, delving into the more technical aspect of the trade as my career matured, however, electronics and computing have always been an interest which I’ve pursued in my personal life.
I started becoming interested in software reverse engineering, bypassing copy protection, code decompilation, and anything in general down at the assembly/machine language level, because that’s what your average sparky tends to find fun and interesting… right?
You can read more about that in the Projects section.
As the complexity of my hobby projects grew, It became apparent that I needed to begin learning how to use Linux because a lot of the tools I wanted to use were python and Unix based, or in some cases you need to write your own. I procrastinated for a long time because from my previous albeit limited experiences with the Linux CLI had always ended up less than favorable.
Act #1 – Introduction to Ethical Hacking
I mentioned to a friend ( who unbeknownst to me at the time was in fact a pentester himself ), that I was into software reverse engineering and hardware hacking, he introduced me to the popular website “HackTheBox” and that I should have a go, this marked the beginning of my descent into madness.. Journey into Cyber.
I couldn’t actually create an account in HTB because the whole idea is that you need to hack your way in. Thankfully there is HTB Academy which will teach you the basic skills to get started, including getting started with the Linux / Bash Terminal environment.
I began working through the HTB Academy Beginner content and was finally able to hack in to the main HTB site and create an account. By this point, I was hooked!
Over the next several months I devoted a lot of my spare time to HTB, learning the various techniques and exploit methods. I began to wonder whether or not I could turn this new hobby of mine into a career.
Act #2 – Pathway to OSCP.
So from this point on my story is probably not so unique, I kept grinding Hack The Box and Offensive Security’s Proving Grounds until I felt confident enough to enroll in the OffSec PWK OSCP course. All of this while maintaining a full-time job and of course trying not to neglect my family and adult responsibilities too much.
I started the course and worked through the labs, ‘sploiting vulns and catching shells.
After a couple of months of intense study, I finally sat and passed the OSCP exam! Yes it was difficult, yes it was grueling, and yes it did put a heavy strain on most other aspects of my life. But when it’s all said and done I’m 100% glad that I forged ahead and earned my OSCP certification.
Act #3 – CTF’er >> Pentester.
So this is where I’m up to now, the current leg of my journey. Making the Transition from Capturing all the flags to real-world big boy Penetration testing, Im hoping to start applying for some pentesting jobs before the year 2021 is through, In the meantime I’ll continue learning, improving my skills, and try to become more familiar with the cyber/information security industry as best I can from the outside.
It’s very much the beginning of my cyber career but from this early stage I could see myself potentially specializing in OT / ICS Pentesting as it seems to fit very well with my industry background.
DjSpacies.com
**August 2023 Update**
Cloud migration: The future is now.
The website is now hosted on an AWS EC2 box, it was surprisingly easy to get set up. In a single evening, I created a free/trial account with Amazon and spun up an Ubuntu instance. Basically just copied over my entire /var/www/html directory and database_dump.sql file, configure the apache and php engine etc update dns records badda bing here we are!
In all honesty this website has really outgrown the single page format. I have some more projects to be added but they really should be broken out to a separate page. That being said WordPress is getting a bit long in the tooth and I think it would be fun to play with some more modern java’rey frameworks. Watch this space I guess…
================================================================================================================
Introducing my first website!
First of all, if you’re thinking of trying to hack me then good luck, I’m behind 7proxies.
Second of all, I’m going to do half of your recon work for you.
www.DjSpacies.com is hosted on a Raspberry Pi 3 sitting in the garage beneath my house. It’s running your standard run-of-the-mill LAMP stack, with Apache2, MariaDB, and WordPress installed on top with some starter website theme which I liked the look of. Pretty basic stuff.
I’m also running a PostFix/Dovecot SMTP mail server.
Let me tell you I’ve had a blast setting this whole thing up, and I’ll explain why…
I’ve been hacking many many virtual websites just like this one for months now, practising for my OSCP exam, WP Scans, PHP webshells, www-data to root privilege escalation, you name it.
Now I’m finally on the other side of the wall administering my own webserver and from a security perspective things just seem to be clicking into place, it all makes sense now!
With that being said I have to admit that I definitely prefer the back end setup and configuration rather than the creative frontend layout and design; put it this way, I’m not the creative type, I just prefer to disassemble other people’s great creations and re-purpose them into something else, I think that’s the epitome of hacking its truest form.
================================================================================================================
Console Modding:
Playstation 2
So it turns out I’ve been hacking hardware before I even knew that it was a thing.
I modchipped my Playstation 2 when I was about 14 years old, to allow me to keep my original purchased PS2 discs in top condition and play from backups of course.
Now in my adult life, I started feeling nostalgic, and retro-gaming is becoming popular! I purchased a ps2 slim console for $100 and bought a mod kit from aliexpress which allows you to connect a SATA hard disk drive to the console and with some custom firmware you can ditch the cdrom altogether and play games straight from hard disk.
The way it works is that the original ps2 engineers left the IDE HDD bus lines exposed on the PCB, so some other clever people reverse engineered the circuit and figured out that you can solder wires to these traces and then connect your own external IDE drive to the PlayStation. IDE was basically replaced with SATA around 2007 and it’s actually pretty difficult to find used IDE drives for sale anymore, the workaround to this is simply to use an IDE to SATA converter board which opens up many options, you can even connect an SSD if you want to, but I just used an old laptop 320GB drive because that’s what I had around at the time.
Soldering the flex cables to the PCB was actually incredibly difficult. I like to think that I’m pretty good at soldering but this was next level, because the pads and components are so tiny, there’s very little room for error. It took me several tries to finally get all the connections made with no solder bridges or dry joints.
With the IDE > SATA converter board soldered in and mounted I then needed to transfer some software and games to the console which is done via FTP. Now the PS2 lives in my son’s room, he plays it more than I do but it’s cool to see him enjoying the old-school games that I spend hours playing myself back in the day.
OG Xbox
Much like the PS2 story, I modchipped my Original Xbox shortly after I had bought it in 2002, 18 years later I bought another console, and wanted to mod it again for fun. The method is still basically the same as it was when I first did it years ago, except there are now ‘softmods’ available which rely on fooling the xbox operating system to execute unsigned code from a memory card save game which would give the user kernel level access to then reflash a custom bios and firmware. Props to Bunnie Huang, the absolute legend who defeated the OG Xbox’s security features soon after its release in 2002 and leaked the secret kernel ROM online, much to Microsoft’s dismay its a super interesting story how he did it.
For my particular mod I decided to stick with the tried and true hardware method which involves soldering in a modchip to the Xbox motherboard which interrupts communication between the Southbridge chip and the CPU at boot time as a man-in-the-middle, and allows the attacker to bypass the security checks and ultimately flash a custom firmware and use third party Hard Disk Drives without needing matching serial numbers.
The installation was straight forward, The Xbox uses IDE Hard Disk Drives but I installed an IDE > SATA converter in order to run a modern 500GB Sata HDD inside it.
I used my RaspberryPi to dump the contents of the EEPROM which contains the encrypted HDD key, serial number, and region code via the I2C serial protocol.
Interestingly all xbox consoles came with a whopping 64MB RAM, however the early motherboards had 4 additional unpopulated pads for extra ram chips. It’s rumoured that these pads would have been populated on the development consoles and microsoft simply didnt bother to remove them from the retail versions.
You can infact solder the additional RAM chips to the 4 sockets to double your 64MB to a total of 128MB RAM! This mod is virtually useless seen as though 99% of all software written for the original xbox is only able to utilize the 64MB however I decided to do the upgrade on my system just for the lols.
To load the software on I just connected the new 500GB HDD to my PC and transferred the Operating System files manually. This mod was pretty simple to do and is incredibly well documented online with comprehensive writeups.
One of my favourite pasttimes is modifying 80’s and 90’s japanese sports cars. Predominantly Toyotas but I also currently have a Honda which is has a reasonable amount of work in it.
Below are a few of my old cars which I had as a teenager back in New Zealand.
The station wagon came from factory with a 1.3L Carb motor (58hp) which I swapped out for a 1.6L twin cam fuel injected 4a-ge motor (112hp) basically double the output with a 5 speed manual transmission. I kept snapping drive axles from doing skids and what not so eventually I converted the rear end to an 8″ Hilux diff thats why in the picture you can see the rear wheels are 5 stud Skyline, and the fronts are 4 stud Supra.
I moved on from the wagon and got an AE86 Trueno when Inital D was becoming popular and transplanted the engine and transmission from the wagon into it.
I then added a turbo to that same motor and pretty much doubled its output again to somewhere in the range of 250hp, It was pretty laggy but when it came on boost the thing would just spin the wheels like crazy, which is the intended outcome! Back then I didnt have much money as I was on apprentice wages, and I was still learning as I went so I blew up several motors in the process, but they were so cheap to replace back then, you’d get a replacement motor from pick-a-part for $200 on Saturday, and drive it to work on Monday.
There are a ton of cool cars in between which unfortunately I dont have any pictures of, When we moved to Australia in 2012 I decided that I wanted to own a VTEC so I bought a 1993 Honda Accord with the intention of swapping the original single cam motor (144hp) with an H22A 2.2L Vtec engine from a Honda Prelude (197hp)
It took a couple of years to get it to the point where it is now but basically I bought an engine in pieces from gumtree and did a full rebuild and a couple of internal performance mods before dropping it in to its new home.
Its been my daily driver for 8 years now! Its such a reliable work horse I cant bring myself to let it go, although there are some areas where rust is starting to come through unfortunately.
Current engine mods are:
H22A JDM motor 10.6:1 Compression Ratio
KS Balance shaft delete
H22A Euro-R “Red top” Cams
LMA upgrade to spring type
Ebay Extractors and 60mm Stainless straight thru Exhaust
Pod Filter
P28 Ecu, chipped with EcTune ROM and street tuned by yours-truly.
Current Build:
**April 2023 Update**
The Cressy’s been off the road for a couple of months now, receiving a turbo upgrade! I’ll post up some photos when I get around to it but there has been a lot of fabrication work.
Also working on setting up a tablet based dashboard/gauge cluster which needs some can-bus hackery to pull the telemetry data from the cars engine management system. Again I’ll update the page once I get some time 🙂
================================================================================================================
’89 MX83 Toyota Cressida
This is my other car… Its pretty heavily modified by this point, set up to be a tough streeter but it also does see its fair share of track time.
As always, I ripped out the stock engine 3.0L inline-6 7M-GE (193hp) and replaced it with a Lexus V8 4.0L (261hp) which has had a full rebuild and some spicy internals. The car came from factory with an Auto transmission, when I initially did the engine swap I kept it auto but since then I’ve swapped that for a T56 6 speed manual from a VY Commodore. The gearbox was way too big to fit in the Cressidas transmission tunnel so I had to perform some surgery, I basically cut a caesarean section down the middle to open it up, and welded in a new steel section.
The suspension is also pretty worked, with BC adjustable shocks, adjustable rear arms, extended front lower control arms, RCA’s , cut and shut knuckles, the list goes on. This is all for drifting to give the car a lot of steering lock so you can hold big sideways angles without spinning.
On the engine side of things again I’ve changed the inlet manifold from a single throttle body plenum to Independent Throttle Bodies (ITB’s) To be honest, on a motor like this they dont allow much of an increase in power, but they look great and sound incredible. I designed a custom plenum in Fusion 360 CAD which will allow me to run this intake system with a turbo, which is the ultimate goal for this engine.