Post List

tl;dr Mixed mode assembly (a feature of .NET binaries), involving both C# as well as C++ code in the same executable Code flow jumps between both C#/C++ frequently to make analysis harder SEH mechanism triggered in C++ code, which uses SEH trampoline to make debugging harder SEH triggered once...

# Some pretext Me, Chandra and Sidharth recently placed 3rd in a Reverse Engineering Hackathon/CTF conducted by IIT Madras and IIITDM Kancheepuram. This was very unique as it wasn't like any of the other RE focused CTFs we've played before and the style was really different. The entire thing...

# GSoC '24 - Final Project Report The following report summarises the work I have done during Google Summer of Code 2024, along with the results, scope for improvements and future work. This also serves as the final project report with all the contributions. Basic Info Details Name Suraj...

# lost-canary # Author: spicypete 123Damn, I lost my canary at one of the train stations. Can you help me find it?ncat --ssl lost-canary.chal.uiuc.tf 1337 123456Handout: ld-2.31.solost_canaryMakefilelibc-2.31.soDockerfile tl; dr: Reverse to find unique function not containing bad stack canary Libc...

Extending the features of a debugger, especially GDB, sounded like a fun and interesting project at first glance. I already have quite a bit of experience working with GDB, and use it almost daily while Reverse Engineering or during CTFs. For those of you that are not familiar, CTF stands for...

When the topic of executing hidden code comes up, one's mind often goes into techniques like process injection, C2 server shenanigans, polymorphic code, etc. But what if I tell you there is a method that can execute code that lies plain and simple in the binary, but you'll never see...

tl;dr Custom hook to syscall 0x31337 using eBPF Check on the argument passed to syscall to verify correct/incorrect key # Challenge description: according to all known laws of aviation, there is no way a bee should be able to fly In this writeup I'll be covering the challenge I authored for...

Note: My team and I didn't end up solving this during the CTF, we got very close though. This writeup goes through the steps I took to finish solving the challenge after the CTF ended. Hopefully you learn a thing or two 😃 1Your own secure computer can check the flag! Might have forgotten to add...