:::: MENU ::::

Dawit's Tech Blog

My name is Dawit and I write about Technology stuffs.


  • Jan 28 / 2017
  • 0
InfoSec, Security, Social Media, Traffic Analysis

WeChat Android Application Traffic Analysis and Pattern/Signature Extraction

Nowadays, many media-rich entertainment and Communication applications have emerged on the Internet, which often use obfuscation techniques such as encrypted data transmission, random/changing ports, or proprietary communication protocols to prevent detection or filtering by network or content owners who believe the traffic is threatening their (infrastructural, service availability or intellectual) property and as a norm many of the application adopt Open Source based application development i.e. the protocols, libraries, databases and platforms they use are almost similar, widely used and few features proprietary. For example, WeChat they have tried to use standard ports (TCP & UDP) but the packet structure is different from the actual HTTP and HTTPS, and Random Ports.

Instant messaging (IM) has become one of the main applications of mobile phones, with plenty of “apps” available and literally billions of messages exchanged every day. With the widespread diffusion of mobile Internet traffic plans, IM and VoIP applications are rapidly replacing other forms of mobile communication, such as text messages, voice data/calls and, in some situations, even e-mails. As conversations are rapidly converging to IM applications, it is natural to start asking how secure this communication channel actually is, and if users can really trust IM apps and their back-end infrastructure. I decided to pick one of these applications and look “under the hood”, in order to see how the developers tried to ensure the confidentiality of in-transit communications.

WeChat is a feature-rich and sophisticated mobile application, which allows users to communicate via text messages, video and voice calls, to share photos and attach recorded voice/videos Msgs, and much more. The app is available for several mobile platforms. Why WeChat? According to Google Play Store as of Sept 2016, WeChat for Android alone has more than 500 million downloads. and it has been advertised on International TV Channels (DStv and others).

WeChat Version 6.3.22 (Latest Version)

  • Signaling VoIP
    • Udp port == 8080, 80
      • Offset[0] ==0xa1
      • Offset[1] ==0x08
      • Offset[7] ==0x10
      • Offset[9] ==0x18
      • Offset[10] ==0x28
      • Offset[11] ==0x22
      • Offset[12] ==0x28
    • Udp port == 32780, 34003, 40768, 42410, 40049
      • Offset[0] ==0xa3
      • Offset[5] ==0x08
      • Offset[11] ==0x10
      • Offset[13] ==0x18
      • Offset[14] ==0x28
      • Offset[15] ==0x22
      • Offset[16] ==0x28

Continue Reading

  • Jan 04 / 2017
  • 0
How to tips, Uncategorized

Moving Your WordPress Website From Localhost To Live Hosting Server

A virtual web server installed on your computer (or local server) allows you to build and customize a WordPress website with ease and speed. Since every edit requires saving and refreshing, developing a WordPress site on a live server can easily turn into a nightmare given the limitations of bandwidth and Internet traffic.

For this reason, most developers rightly choose to do all the nitty-gritty of WordPress development on a local server and later upload the finished website to the live server. Similarly, future updates to the website are done and tested locally before being uploaded to the live environment.

In this post, I’ll be going through the process of moving a WordPress website from a local server to a live server. This process allows you to safely move all of your site’s content (images, posts, and pages) as well as themes and plugins from a directory on your computer to your host’s production server. Obviously, there are a couple of handy plugins that can make this process a breeze, but it’s always advantageous to learn the manual process.


In this tutorial, I assume that you already have a WordPress website running on your computer. I set up and customized a starter theme specifically for this tutorial. The customized site I’ll be migrating is called ‘Sample site’ based on the Default Themes provided by WordPress.

Image result for sample wordpress sites

I also assume that you have paid hosting with PHP and MySQL support. Fortunately, most hosting providers support PHP and MySQL. Better yet, many providers offer one-click install scripts for WordPress so you don’t have to go through the manual setup.

And finally, you should have FTP access to your hosting account along with a client program such as FileZilla FTP. You’ll be using it to upload the files to your host. Alternatively, you can use the File Manager option in cPanel but unlike FTP (Filezilla Client recommended), cPanel doesn’t provide a view of your local directory structure. Okay, with all of that in place, we should be ready to go.

Continue Reading