Blog of a security enthusiast
Saturday, January 01, 2022
Universal Go exploit using data races, no imports
In the last two blog posts, I described a challenge and exploits to get code execution from arbitrary Go code only allowing the fmt packa...
Saturday, December 07, 2019
The Gomium Browser - Exploits
In my last blog post, I described The Gomium Browser, a pwn challenge of the Google CTF 2019 finals that 4 teams (pasten, 5BC, p4, A*0*E) ...
Thursday, November 07, 2019
The Gomium Browser - Google CTF 2019 finals challenge
Last weekend were the Google CTF 2019 finals in London with 10 invited teams, part of a larger event named ESCAL8 with VRP researchers (Bu...
Thursday, December 03, 2015
From remote shell to remote terminal
If you like exploitation surely you've had your own reverse or connect-back shells. Set up a listening netcat, run the payload and boom:...
Wednesday, April 22, 2015
Creating Burp extensions in Python, the "editor" case
Surely you've heard of the Burp Suite, quite useful software to perform security testing of web applications and in general to play wit...
Wednesday, April 15, 2015
Golang data races to break memory safety
Go is becoming more and more popular as a programming language and getting more scrutiny from a security point of view. You might remember m...
Sunday, January 25, 2015
DNS reverse proxy
I have a server with a single IPv4 and I want to run two DNS servers: one to serve zones like stalkr.net - if you recall, I like PowerDN...
Monday, October 13, 2014
Tiny ELF 32/64 with nasm
Sometimes I need to create a tiny ELF with some assembly code, because I'm restricted in size or just don't like the bloated binary ...
Saturday, January 04, 2014
IDA on Debian amd64 with python
Are you the lucky owner of an IDA Pro Linux license? Since I had errors last time I set it up, here is a quick brain dump on setting up IDA...
Wednesday, June 19, 2013
Defcon 21 quals - blackbox write-up
It was DEFCON 21 quals last weekend, with new organizers. It went well, good organization and good challenges. If you're curious abou...