unam.яe

This is a blog post which I wrote partially a lot of time ago (like other posts that I have never published) because currently I am busy with my job and other stuff that I like to do. In addition, currently I am doing the OSEP course of Offensive Security which is funny but the course is very large (maybe I will write about that course in future).In my latest project that I have been involved with,  I have been …

Surely you have come across situations where you have had to compile a program, even if you are not a developer. Even today, there will be some other programmer who has just develop in interpreted langa\uages and has problemes every time he has to compile... If you are a developer and you develop in C, C++, ASM or simply, you have been interested in how the things work, this post will be trivial.(I do not include people who have studied …

I have been having troubles with a question where I had to test that an SSH implementation drops (or reject) packets greater than 262144. Thus, after reading the RFCs and the SSH protocol standard, I had only two solution I found is implement my own SSH protocol, or (easy and chose way) modify an existing implementation of SSH.If we look the RFC 4253 [1], which is the RFC of SSH, we have the following:We can send and receive a packet …

Tips and useful commands for analyse binaries from determining the file to debugging. The purpose of this post is have a easy and fast guide for the firsts steps of reversing. Obviously reverse engineering is a world and also if you play CTF this guide will not be useful for you, at lest for the normal tasks where you have to look the assembly code in functions to understand what the program is doing.Determining file typeExploring dependenciesParsing the ELF binaryDynamic …

Most of cheap Bluetooth dongles from Aliexpress do not work natively in Linux. I have been looking the source code of Bluetooth Linux driver looking for this problem and I have found that it is because some of these dongles are blacklisted because they are using for malicious actions. Thus if you want to use one of these dongles you should remove this code which blacklists the dongle.Identifying the problemTo identified the problem I connect the device but nothing happen. …