The OSIRIS Lab is very happy to welcome two new Hackers in Residence this fall! Nick Gregory, whose contributions as a lab member the past several years have been invaluable, and Alexei Bulazel, whose lectures have been incredibly insightful and forced us to learn. We look forward to working with you both!

Our economy is becoming more specialized and more and more tasks are being automated. We must have confidence in these systems and the technical infrastructure that supports them. However, this confidence relies on too much implicit trust – overlooking serious risks. Assurance in this area is hard won, manual, and costly.

When exploiting a program, there’s four primary regions of memory that matter to us:

• The program itself
• The stack
• libc
• The heap

This is a writeup of the AES-128 TSB challenge from Teaser Dragon CTF 2018