I work in a company that uses custom electronic boards, so there are plenty of instruments floating around that electrical engineers employ to debug faulty connections and solderings. One kind of tool used is the oscilloscope, a tool that measures signals and plots them in a graphically understandable way. We have a bunch of them, yet only one model in particular caught my attention, because it has a web interface! I was super curious so I decided to try and (digitally) crack it open. | Posts on tortel.li
Hi, I’m Manuel and I go by kriive on the internet. I’d love to have a chat, hit me up on Telegram.
At least once in their career, every Go programmer has had to write code that interacted with the filesystem. For example, if our application needed to handle some documents, we probably had to write code that handled the files and saved them under a directory. We may have ended up writing code that resembles this:

    p := filepath.Join(uploadsDirectory, userChosenFileName)
    f, err := os.OpenFile(p, os.O_RDWR|os.O_CREATE, 0755)
    if err != nil {
        return err
    }
    f.
While learning the fastbin dup attack, all the online resources I found made the same assumptions: GLIBC is either compiled without tcache support, or in one of the exploit steps calloc is called instead of malloc, and that made me confused. In this article I will cover how to use the fastbin dup attack with a modern GLIBC and shed some light on this exploitation technique.

The original fastbin dup attack

The original fastbin dup attack leverages a so-called double free.
Since last year I’ve been involved in infosec, and I co-founded the havce CTF team with some of the colleagues that attended the CyberChallenge.IT course in 2021. I am a big fan of pwn challenges and binary exploitation in general, so after dealing with standard buffer overflows on the stack and the various format string vulnerabilities, I wanted to step up my skills and learn some heap exploitation. I started by using the awesome HeapLAB by Max Kamper.