DawgCTF 2020 - Where we roppin boys?

CTF Writeup for DawgCTF 2020: Where we roppin boys?

Vasilisk

Vasilisk is a V8 JIT fuzzer that focuses on optimization passes.

Reverse Engineering Go, Part II

This post is on how the Ghidra decompiler works, and how to make it work for Go. Part 1

Reverse Engineering Go, Part I

This will be part of a multi-part post on Go binaries and reverse engineering them. Part 2

DIY Binary Analysis with OBIN

To learn how tools like IDA work under the hood, and to learn more about binary analysis, I made OBIN (Osiris Binary analysis tool), which does the following:

  • Parsing the ELF file and showing the information in the header
  • Disassembling the sections which include program code (there is also an experimental GUI with Tkinter)
  • Generating the function call graph
  • Checking whether a sequence of syscalls or function calls can happen during the execution of the program

Introducing Our New Hackers In Residence

The OSIRIS Lab is very happy to welcome two new Hackers in Residence this fall! Nick Gregory, whose contributions as a lab member the past several years have been invaluable, and Alexei Bulazel, whose lectures have been incredibly insightful and forced us to learn. We look forward to working with you both!

CSC 04/23 - Hacking the Motherboard - Exploiting implicit trust in all of the forgotten places

Our economy is becoming more specialized and more and more tasks are being automated. We must have confidence in these systems and the technical infrastructure that supports them. However, this confidence relies on too much implicit trust – overlooking serious risks. Assurance in this area is hard won, manual, and costly.

Pivoting Around Memory

When exploiting a program, there are four primary regions of memory that matter to us:

  • The program itself
  • The stack
  • libc
  • The heap