Category: Uncategorized

Hi all. Recently, I wanted to easily create in a reproducible way some VMs for my security research. My main workstation runs Fedora and I decided NOT to use any 3rd party software such as VMWare or Virtualbox. Here my little adventure starts … I installed Vagrant, using the official way, no hiccups there. After… Continue reading Adventures with vagrant-libvirt in Fedora 35 land

Welcome to another edition. A few days ago I was playing a CTF and was faced with an IP restriction on an API. Fortunately, there was a misconfiguration and using an “X-Forwarded-For” header was able to bypass it. Here is a list I have compiled in case some of my readers want to incorporate this… Continue reading HTTP Bypass via Header Injection

Jumping on the Log4j bandwagon, I dropped today K-Amon-K. Enjoy! (and listen to the band!)

Hello dear reader. Recently, I upgraded my Linux laptop to Fedora 35. Fedora 35 comes with Python 3.10 as the system Python. Unfortunately, as documented in this GitHub issue, (do not forget to upvote!) this causes incompatibilities with Binary Ninja. Here is how I addressed this topic (standard disclaimers apply): Initially, I decided to use… Continue reading Fixing Python 3.10 incompatibilities in Binary Ninja

Welcome again to my humble corner. Today I will share a story how I managed to deal with embedded ELF files using Binary Ninja. I was reversing an ARM firmware for fun (unfortunately not for profit!) and run into the following issue. The firmware itself is comprised of three sections, a header, an ELF file… Continue reading Dealing with embedded ELF files in Binary Ninja

After a long wait, indicative of the current state of knowledge sharing in the so-called “underground”, Phrack 70 is out. Read it here!

Hello again $WORLD. I am happy to announce that my Commodore Amiga BinaryNinja plugin is now available to the general public. You can find it here. Essentially, the plugin is a BinaryView with support for both Amiga Hunk file formats. To simplify a bit, Amiga has a different file format for “executable” files and for… Continue reading Amiga 500 Decompilation using Binary Ninja

Dear $WORLD. I am happy to announce that I have released the first version of my C64 PRG plugin for Binary Ninja. You can find it here. It has KERNAL support, to make reversing life just a bit easier. You can find it here. As always PRs, issues and corner case reports are more than… Continue reading Commodore 64 Decompilation using Binary Ninja

Hi all, below is a small engineering puzzle that I had to solve recently. The essential components: a Linux Laptop (in my case, running the excellent ClearLinux distribution) aws-iam-authenticator Outline client (A shadowSocks client) The setup was the following. A Kubernetes cluster, a bastion host using Outline as the means to connect and access the… Continue reading Adventures with Linux Outline Client and aws-iam-authenticator