Pulling MikroTik into the Limelight
A comprehensive guide to MikroTik internals, including IPC, hand-rolled cryptography, and a novel post-authentication jailbreak
Cannoli: The Fast Qemu Tracer
Cannoli Cannoli is a high-performance tracing engine for qemu-user. It can record a trace of both PCs executed as well as memory operations. It consists of a small patch to QEMU to expose locations to inject some code directly into the JIT, a shared library which is loaded into QEMU
The Chinese Private Sector Cyber Landscape
As China's "decade-long quest to become a superpower" comes to fruition, the PRC has increasingly moved to eliminate barriers between its civilian-commercial industries and the State.
Watching the Watchers
Much of our world relies on open source projects. The Linux kernel is arguably the crowning achievement of the open source movement, the foundation of Google’s Android and NASA’s satellite software. But five of the top ten bug reporters are automated systems.
MikroTik Authentication Revealed
A deep-dive into MikroTik's hand-rolled Elliptic Curve Secure Remote Protocol (EC-SRP) cryptography used in client-server authentication
Hardware Hacking for Software Hackers
Introduction Hello! This resource is meant for anyone with some *nix/software/exploit dev. experience, but with little to no hardware/electronics background! While the ins and outs of basic circuits won't be covered (as there are many great resources for that online), the information is meant to be presented
Remote Android Debugging
Covid just made GDB obsolete, long live Frida! Imagine a world where you don’t have to press 500 keys just to get to the same state as you were in the last run and where you actually can introspect the runtime. Frida offers a somewhat clean way to debug
An opinionated guide on how to reverse engineer software, part 1
This is an opinionated guide. After 12 years of reverse engineering professionally, I have developed strong beliefs on how to get good at RE.
Bypassing glibc Safe-Linking: CSAW 2021 Quals (word_games)
This post analyzes glibc-2.32+'s safe-linking feature introduced in December 2020 in the context of a CTF challenge developed for New York University's CSAW 2021 Quals competition