-
Nightmare: Novel Exploitation Tactics With One Byte Write.
Go from one byte out-of-bounds write to a complete ROP chain without IO access and no brute force under extremely restrictive seccomp, without *ever* knowing ASLR base.
-
National Cyber League: A Serious Critique.
A list of problems for Cyber Skyline to resolve.
-
Attacking MuJS: Breaking a JS engine with type confusion and an integer overflow.
Writeup to uiuctf's mujs challenge, a javascript pwn challenge were you must pwn the MuJS javascript engine to achieve arbitrary read, write, and code execution.
-
Albatross: Breaking out of pyjail with your hands tied.
Writeup to redpwnctf's Albatross challenge, where you'd need to take advantage of a python 'eval' without using ASCII characters, strings, and no python builtin functions.
-
Writing a Physical Memory Manager for Operating Systems
Implementing a circular double linked list kernel memory allocator for my latest operating system, dbOS.
-
The Pepsi Place
A blog by pepsipu to talk about computer science and IT security.