Writings on Security, Research, and Technology

The Chinese Private Sector Cyber Landscape

As China's "decade-long quest to become a superpower" comes to fruition, the PRC has increasingly moved to eliminate barriers between its civilian-commercial industries and the State. Companies within the technology industries, particularly domestic cybersecurity enterprises, increasingly stand at the forefront of their fields, offering insight and services that are not only unparalleled in their scope, but that also represent a tremendous potential resource for China's government and military. For those interested in the development of China's political and military strategy, understanding China's domestic cybersecurity ecosystem is critical. … Read More 

Watching the Watchers

Analyzing corporate automated bug reporters in the Linux Kernel … Read More 

MikroTik Authentication Revealed

MikroTik altered its router authentication protocol in 2019, a change which frustrated developers, system admins, and researchers whose customized tooling is now broken. Our team at Margin Research successfully reverse engineered the new process, and we are excited to share the protocol details. This blog post outlines the cryptographic steps and offers proof-of-concept programs to demonstrate the new protocol. … Read More 

Hardware Hacking For Software Hackers

This blogpost will help anyone who is trying to do vulnerability research and/or exploit development on a physical device, and who does not have a debugging setup, shell, or firmware! Or, better put: let's get you some root shells without the hassle of finding a 0-day! … Read More 

Remote Android Debugging

Remote Android debugging across the planet using Frida. … Read More 

An opinionated guide on how to reverse engineer software, part 1

Reverse engineering is just one step on the road to some final goal, which could be to reimplement someone's algorithm, interoperate with a new system or application, look for software vulnerabilities you can exploit, make game cheats, or revive old dead software to run on new systems. This is the first post in a series meant to help improve your static reverse engineering skills. … Read More 

Bypassing glibc Safe-Linking: CSAW 2021 Quals (word_games)

This post overviews and implements exploitation strategies that circumvent new safe-linking heap protections included in glibc-2.32+. Safe-linking shortcomings are demonstrated in the context of a binary exploitation Capture the Flag challenge submitted to New York University's CSAW 2021 Qualification competition. … Read More 

WINTERN 2020: Zombie Link Crawler

In this post, our intern Justin Mai documents his process of creating a scraper to find dead or "zombie" links. These are links whose domain has expired and can be registered, potentially by an adversary seeking to bring unsuspecting victims to malicious sites. … Read More 

WINTERN 2020: IoT Firmware Analysis


A Retrospective on Modern Information Operations

In 2019, Margin Research gave a presentation at SummerCon in which we explored threats relating to social media astroturfing with the intent of conducting disinformation campaigns. We reviewed known attacks and presented our framework for studying disinformation campaigns. Since then, this field has developed considerably alongside our investigations into novel attack surfaces introduced by manipulating the social dynamic in digital spaces. … Read More 

The Risks of Huawei Risk Mitigation

While there is widespread agreement that Huawei devices in 5G infrastructure pose some risk to the U.S. and allied nations, the policy community—in particular the U.K.’s National Cyber Security Centre—has paid insufficient attention to the technical aspects. The discussion must examine not simply whether China would use this technology maliciously, but the specific threats that Huawei equipment could pose and the extent to which these threats can be mitigated. … Read More 

Out-of-Order Execution as a Cross-VM Side-Channel and Other Applications

Given the rise in popularity of cloud computing and platform-as-a-service, vulnerabilities in systems which share hardware have become more attractive targets to malicious actors. One of the vulnerabilities inherent to these systems is the potential for side-channels, especially ones that violate the isolation between virtual machines. … Read More