BinExp Corner: Episode 2 - Intro to Reverse Engineering

Posted on Fri 27 May 2022 in Tutorials • Tagged with tutorial, binexp, reverse engineering

The second episode in our binary exploration series. In this one we cover a little bit about how to get started reversing binary executables. We'll touch on both static and dynamic analysis, and look at some tools that will give us some insight into what a binary does. We cover process memory structure superficially and touch up on assembly language and CPU registers.

Continue reading

TryHackMe: Shaker Writeup

Posted on Wed 26 January 2022 in Writeups • Tagged with writeup, Log4j, Log4Shell, Docker, Containers

I don't often post writeups for CTF rooms, but I decided to make an exception for Shaker at TryHackme because I thought it not only did a very good demonstration of the impact of the recently infamous Log4Shell vulnerability but also showcased how hard it can be to secure a docker container.

Continue reading

Down the Jellyfish Hole

Posted on Thu 06 May 2021 in Rants • Tagged with rants, cve, CVE-2021-29490, jellyfin, vulnerability, tryhackme

Sometimes rabbit holes aren't a bad thing. The story of how I went to do a Challenge on TryHackMe and came out with a CVE on the other side.

Continue reading

BinExp Corner: Episode 1 - Stack Buffer Overflows

Posted on Sat 06 March 2021 in Tutorials • Tagged with tutorial, binexp, buffer overflows

The first of what's hopefully going to be a series on binary exploitation. We'll take a look at Windows 32bit Stack Buffer Overflows and show you why they are exploited the way they are. We'll also dive into some considerations about Buffer Overflows in general. And present an example of how to develop an exploit via this technique.

Continue reading

Hello World

Posted on Fri 05 March 2021 in Rants • Tagged with rants

This is the mandatory "hello world" post that any creator must go through. Also, something interesting coming soon. Read more inside.

Continue reading