Compiling always

Surely you have come across situations where you have had to compile a program, even if you are not a developer. Even today, there are programmers who have only developed in interpreted languages and have problems every time they have to compile... If you are a developer working in C, C++ or ASM, or you have simply been interested in how things work, this post will be trivial. (I do not include people who have studied …

Sending large packets in SSH

I have been having trouble with a question where I had to test that an SSH implementation drops (or rejects) packets greater than 262144. After reading the RFCs and the SSH protocol standard, I found only two solutions: implement my own SSH protocol, or (the easy way, which I chose) modify an existing implementation of SSH. If we look at RFC 4253 [1], which is the RFC of SSH, we have the following: We can send and receive a packet …

Basic Linux binary analysis tips

Tips and useful commands for analysing binaries, from determining the file type to debugging. The purpose of this post is to have an easy and fast guide for the first steps of reversing. Obviously reverse engineering is a whole world, and if you play CTF this guide will not be useful for you, at least for the normal tasks where you have to look at the assembly code in functions to understand what the program is doing. Determining file type; Exploring dependencies; Parsing the ELF binary; Dynamic …

Fixing a Chinese Bluetooth dongle for Linux

Most cheap Bluetooth dongles from AliExpress do not work natively in Linux. I have been looking at the source code of the Linux Bluetooth driver for this problem and I have found that it is because some of these dongles are blacklisted because they are used for malicious actions. Thus, if you want to use one of these dongles, you should remove the code which blacklists the dongle. Identifying the problem: To identify the problem I connected the device but nothing happened. …

write4 challenge of ROP Emporium

Over the past few days I have not had enough time to write and play CTF games, but yesterday I had a little bit of time, so I searched a bit for websites which have challenges about exploiting. I found a lot of websites with this kind of challenge, so I chose one of them, ROP Emporium, and the challenge Write4 (random). So, this is a writeup about this challenge; I have used peda and pwntools. Solution. write4: ELF 64-bit LSB executable, x86-64, …