In the zeroth part of this series we learnt how to perform some very basic symbolic execution of a simple binary. This time we are going to talk about symbolic bitvectors and how to avoid unwanted states to reduce execution times.
Welcome to my blog! My name is last and here I write about my learning journey through the wonderful (and sometimes scary) world of cyber security. Feel free to stick around, nothing here is really too complex to understand (if I learnt it, you surely can too). If you want to contact me, head to the about me page where you will find my e-mail address and Twitter profile. Anyway, check out my blog posts down here.
Introduction to angr Part 0
Baby steps in symbolic execution
I need a holiday. I definitely need one. But what’s the point in going on vacation if you never learned how to use angr in a CTF? Wait, you are telling me this is not a reason not to go on vacation? Well, too bad, you should’ve told me before...
Enigma 2017 Crackme 0 Writeup
Reverse engineering with Binary Ninja and GDB
Yesterday I bought the commercial edition of Binary Ninja and I wanted to test it out so I went looking for some interesting reverse engineering challenges. Since I SUCK at reverse engineering I decided to go for a simple crackme from the 2017 edition of the Enigma CTF called Crackme...
GRIP v0.1
Go RIP Injection Program
It has been in my mind for quite some time to learn Golang and write some pentesting-oriented tools lately. I’ve finally made up my mind and wrote a tool to inject fake RIPv2 routes in a network in Go that I called Golang RIP Injection Program (or GRIP for short)....
Securing Your Macbook Part 3
2FA at login: using Yubikeys as a second authentication layer
Introduction: Quick recap of what we saw in the first and second parts of this series. We started out by seeing how to set up your Macbook so that only one account is allowed to decrypt FileVault2, effectively creating two different passwords for mass storage decryption and user login authentication. After...