Exploitation Learning Linux kernel exploitation - Part 2 - CVE-2022-0847 Continuing to walk down Linux Kernel exploitation lane. This time around with an unanticipated topic: DirtyPipe as it actually nicely fits the series as an example. (9 May 2022)
Exploitation Learning Linux kernel exploitation - Part 1 - Laying the groundwork Disclaimer: This post will cover basic steps to accomplish a privilege escalation based on a vulnerable driver. The basis for this introduction will be a (1 Mar 2022)
Overview of GLIBC heap exploitation techniques Overview of current GLIBC heap exploitation techniques up to GLIBC 2.34, including their ideas and introduced mitigations along the way (13 Feb 2022)
General MISC study notes about ARM AArch64 Assembly and the ARM Trusted Execution Environment (TEE) Disclaimer: These are unfiltered study notes mostly for myself. Guaranteed not to be error free. So if you did land here, managed to get to (12 Feb 2022)
Hardware LinkSys EA6100 AC1200 - Part 2 - A serial connection FTW! Last time we left off with a pretty decent understanding about how our router is structured and what components were used. We also found two (5 Nov 2021)
RE The devil entered the stage! This is a write-up for solving the devils-swapper RE challenge. It was mostly intended for my personal archive, but since it may be interesting to (3 Feb 2021)
Hardware LinkSys EA6100 AC1200 - Part 1 - PCB reversing It has been a while since I did some hardware hacking, and this time I want to review the basics. The LinkSys EA6100 router intrigued (11 Jan 2021)
Hardware Breaking the D-Link DIR3060 Firmware Encryption - Static analysis of the decryption routine - Part 2.2 Welcome back to part 2.2 of this series! If you have not yet checked out part 1 or part 2.1, please do so (15 Jul 2020)
Hardware Breaking the D-Link DIR3060 Firmware Encryption - Static analysis of the decryption routine - Part 2.1 Welcome back to part 2 of this series! If you have not checked out part 1 yet, please do so first, as it highlights important (14 Jul 2020)
Hardware Breaking the D-Link DIR3060 Firmware Encryption - Recon - Part 1 Recently, we came across some firmware samples from D-Link routers that we were unable to unpack properly. Luckily, we got our hands on an older, (13 Jul 2020)
RE What's a bitbang? Note: This is a re-upload of an old write-up. This is another write-up from an interesting little challenge. The original forum post about it can (12 Jul 2020)
RE Welcome to the Poly Bomb 💣 Note: Re-write/Re-upload due to dead links. This write-up contains my thoughts and steps to statically analyze a given unknown binary. I want to (10 Jul 2020)
RE Reversing and Exploiting Dr. von Noizemans Nuclear Bomb Note: Re-upload due to dead links :) Yo! Life kept me more than busy, but now I've got a little more time on my hands. I (10 Jul 2020)
Exploitation Exploit Mitigation Techniques - Part 2 - Stack Canaries Preface: Hey there! After quite some time the second part will finally be published :)! Sorry for the delay, real life can be overwhelming. Last time I (4 May 2020)
Exploitation Exploit Mitigation Techniques - Part 3 - Address Space Layout Randomization (ASLR) Preface: Hey there! I'm finally ready to present you the third installment of the series on exploit mitigation techniques. The last two times we talked about Data (4 May 2020)