http://shufflingbytes.com/posts/Recent content in Posts on Valtteri LehtinenHugoen-us© Copyright 2026, Valtteri LehtinenTue, 03 Mar 2026 21:06:01 +0200http://shufflingbytes.com/posts/harjus-release-4.0.0/Tue, 03 Mar 2026 21:06:01 +0200http://shufflingbytes.com/posts/harjus-release-4.0.0/After releasing the triangular arbitrage trading bot Harjus under MIT license and publishing a write-up on my journey last year, I took a brief stint of working on other stuff. However, I was constantly feeling that I had given up too early, when there were still major optimizations that could be enough to turn a profit. My previous write-up had caught the eye of multiple aspirational arbitrageurs who, to my pleasure, contacted me in search of advice.http://shufflingbytes.com/posts/binance-triangular-arbitrage/Mon, 21 Jul 2025 09:14:28 +0300http://shufflingbytes.com/posts/binance-triangular-arbitrage/Note Read also the writeup on latest Harjus release. The idea of turning on a program and just letting it rip while collecting (riskless) money is compelling. No sales or marketing, or other things I, as an engineer, like to shy away from doing - just enjoyable tinkering with models and infra. That’s printing money. To have a go at money printing, I built a trading bot. The bot is called Harjus (Finnish for grayling), and it exploits triangular arbitrage opportunities within the Binance spot market.http://shufflingbytes.com/posts/how-to-make-nmap-recognize-new-services/Sun, 03 Mar 2024 16:36:06 +0200http://shufflingbytes.com/posts/how-to-make-nmap-recognize-new-services/Nmap has been my favorite hacking tool for years. Its accuracy is unchallenged and it boasts hundreds of scripts that make it vital in every pentest engagement. Lately, I’ve been working more on the ICS space, developing a OPC UA vulnerability scanner. To my dismay, I noticed that Nmap does not recognize OPC UA services. This makes black box security testing of this dominating ICS protocol tricky, as OPC UA server vendors are known to use non-standard ports extensively.http://shufflingbytes.com/posts/voip-voice-bridge-with-soundboard-for-prank-calling/Sat, 06 Jan 2024 21:50:16 +0200http://shufflingbytes.com/posts/voip-voice-bridge-with-soundboard-for-prank-calling/I don’t know what it tells about me, but I have a soft spot for prank calls. My guilty pleasure is listening to the prank call show Phone Losers of America. In the show, the host Brad calls up unsuspecting people with bizarre stories to get a reaction out of them. He’s done it for decades, which you can tell from his ability of giving his victims a hard time on the phone while remaining totally cool himself.http://shufflingbytes.com/posts/ripping-off-professional-criminals-by-fermenting-onions-phishing-darknet-users-for-bitcoins/Mon, 05 Jun 2023 18:58:10 +0300http://shufflingbytes.com/posts/ripping-off-professional-criminals-by-fermenting-onions-phishing-darknet-users-for-bitcoins/DALL-E’s take on “A scary person holding rotten onion” In 2018, I read about the perfect crime of stealing the money of credit card fraudsters by making fake carding sites. At the time, this felt genius to me; the attackers were apparently making a decent living while nobody was presumably coming after them. (Except maybe now someone will, as they got Krebs’d by Brian). Morally this felt fine as well.http://shufflingbytes.com/posts/upnproxychain-a-tool-to-exploit-devices-vulnerable-to-upnproxy/Mon, 30 May 2022 19:46:53 +0300http://shufflingbytes.com/posts/upnproxychain-a-tool-to-exploit-devices-vulnerable-to-upnproxy/Remember UPnProxy? Flawed implementations of UPnP allow external attackers to use devices as proxies without any authentication. Such devices are vulnerable to UPnProxy. Various malicious actors have been using this vulnerability to commit crimes. During penetration tests, I have multiple times encountered such devices on the public IP address space of the clients. No suitable tooling exists to exploit them, so I decided to create some. The result is UPnProxyChain, which allows you to use vulnerable devices as SOCKS proxies.http://shufflingbytes.com/posts/hacking-goip-gsm-gateway/Tue, 15 Feb 2022 20:25:20 +0200http://shufflingbytes.com/posts/hacking-goip-gsm-gateway/While listening to Risky Business ep. 642, I learned about a botnet that has been abusing a vulnerability in TP-Link routers to provide SMS messaging as a service for years. The exploited vulnerability allowed the botnet operator to send SMS messages on someone else’s bill and the operator sold this capability for others, including other criminals. Similar services are no doubt used when you receive smishing messages notifying you about false packages stuck in customs.http://shufflingbytes.com/posts/zone-trasfer-experiment/Thu, 13 Jan 2022 16:16:31 +0200http://shufflingbytes.com/posts/zone-trasfer-experiment/DNS Zone Transfer is a mechanism for administrators to replicate DNS datasets across DNS servers. If it is enabled for a DNS nameserver, the nameserver will gladly give all DNS data regarding a domain to anyone who asks. Enabling Zone Transfers will cause an information disclosure and can thus be considered misconfiguration. I decided to investigate how common this nameserver misconfiguration is by doing a zone transfer query on all .http://shufflingbytes.com/posts/wardialing-finnish-freephones/Wed, 23 Jun 2021 11:06:16 +0300http://shufflingbytes.com/posts/wardialing-finnish-freephones/What kind of systems are there in the Finnish telephone network today? This question appeared to me a while ago when leafing through an old telephone directory from the early 2000s. There are at least ordinary subscribers, business customer support lines, voice mails, and fax machines. Subscribers and customer support lines are not of special interest to me. I am more interested in automated systems that let the caller interact with them somehow.http://shufflingbytes.com/posts/sip-honeypot/Sat, 17 Apr 2021 18:58:44 +0300http://shufflingbytes.com/posts/sip-honeypot/I got interested in telephones and the Voice Over IP (VOIP) scene soon after reading Phil Lapsley’s Exploding the phone (2013). According to the book, there is a whole underground of VOIP hackers. I had not come across them while lurking in the information security scene. After my interest sparked, I started paying more attention to telephone-related security research. The podcast Darknet Diaries by Jack Rhysider has a great first episode called The Phreaky World of PBX Hacking.