About
Blog
This blog contains my private/personal notes on random topics I found worth to write about.
About me
Some random stuff / whoami:
-
Name: Dominik ‘disconnect3d’ Czarnota
-
Works as a Security Engineer sub-contractor for Trail of Bits
-
CTF team: captain of justCatTheFish (previously captain of Just Hit the Core)
-
Contributor in pwndbg – Exploit Development and Reverse Engineering with GDB Made Easy
-
Education: Applied Computer Science at AGH University of Science and Technology in Cracow, Poland
-
Used to be an active member and a president (for 2 years) of KNI Kernel
-
Bachelor thesis (in Polish): Impact of memory layout organization of complicated data structures on binary code efficiency. Reviews: supervisor’s, reviewer’s.
-
Master thesis (in Polish): Reverse engineering, finding and exploiting bugs in native apps on x86 and x86-64. The reviews are inside.
-
I am a reviewer of Paged Out! free magazine about programming, security, hacking, computers, electronics, demoscene and other similar topics.
-
I wrote some articles to “Programista” polish programming magazine, which are:
- “IPython – wygodna interaktywna powłoka Pythona” (IPython – Python enhanced interactive shell) – describes IPython interactive shell and its features (history, magic commands, configuration, extensions, notebook/Jupyter) – article pdf;
- Never ever to be fooled to pay ransomware! – CTFZone 2018 Quals - a write-up of a reverse-engineering CTF challenge where we had to decrypt an Android ransomware. Solved and written together with Paweł Łukasik, who also wrote a write-up on his blog.
- Teaser Dragon CTF 2018 - zadania production oraz cryptovm - write-ups of
production
andcryptovm
challenges from Teaser Dragon CTF 2018, written with my CTF teammates: Gros and Tacet. I was responsible for theproduction
challenge where you had to makeopen
syscall fail by exceeding the maximum number of opened file descriptors, which were limited byrlimit
beforehand. - Pwn2Win CTF 2021 - atak Spectre - write-up of a CTF challenge where we had to exploit Spectre vulnerability. Written with Arusekk.
- Przegląd błędów w CPythonie - A review of known CPython bugs that were reported before in the official Python bugtracker - bugs.python.org.
- Pułapki w języku Go - Go programming language traps that may lead to security vulnerabilities.
Contact
-
e-mail: dominik.b.czarnota+dc@gmail.com
-
irc: disconnect3d @ freenode.net
Hobbies
Programming, reverse engineering (or rather looking under the hood), computer security, teaching others and ice skating.
PGP Key
Here’s my public pgp key (can be downloaded here):
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBFovvWUBEADf1X3LhfzgXEuORBMYTepmHIXXJD5Fms68yznB33h2l8rE2M7P
ok03r9mAzuza1idB/Lbquj0HRKa08AkyVogXuGfc0UtnoHLgwnAblN6caQEnjghv
ddPEq36j1bh9C1OgO9cdbDFAszrKW4GWDtEiP/lue/4OEWtPD5VNiCry53/YL+6H
TAUPKPNa5SNT13j7S5vS2i+Xqmw7e+77WGa7w7CLnKBuiVCZg43/zx1FlXAeRNIy
kPnLCnZWvt8wKgzCvhwL+EPbqeEWOFRSUCODlHFcmwkX6r2HbN8vNxn9ihXEXyaS
rrcmb4W+gocwRilJsp+3nfSlfj8Js5SyJWguw2fekp8Ct1XnKqn0bU6eu9AVNRPb
/l9ys45CaY5/I79vR81QRtqFDWzaEHwUipvbHIx3yfdt/9l3U6hfMD2ZQomltjZW
5VeRjmtsPAAxKX3Z2SSIhHpveV5EFRL+y0OweI14uJYQGrRmTbXRzbVIFQpYfEuW
hgG5DdA3vH5pKNmhuUsBWz/DveDRBtJDbnfijAeIro5LjkSIpWUwkv5QX/XBCpLq
W9Nw5TaNWUdZLg35VxNXfVr1L/G36UEZaTFxGTy+a3DQeYMmKAoeDyE7rPXhi2Vs
D1blvjIFWwY6QBV4jeKj8EMBPg1foNmf5fvujWjTo6ipqlTmjY6Jtw6ZDwARAQAB
tD5Eb21pbmlrICdEaXNjb25uZWN0M2QnIEN6YXJub3RhIDxkb21pbmlrLmIuY3ph
cm5vdGFAZ21haWwuY29tPokCVAQTAQgAPhYhBEfcSsVI+tEbuWMqpS55qJcM0tWl
BQJaL71lAhsDBQkFo5qABQsJCAcCBhUICQoLAgQWAgMBAh4BAheAAAoJEC55qJcM
0tWlTewQALhxdKET1khHk1XG5y5Jt2xEJplFhPkTCvDUNAUYGZx8RIZ5fQWyPGiy
EXuoroq0tfaMHczOdtkvOBEhgp2clhScx4tXuozzZcVkR58yuF+LdpqFu/o7N0f+
dE8jlvmCmi6VegT3pGaGZCM5f1iTRlrGhon4vq9m1VQFXGn5ntDGZfiZjGlJpvg3
52EvH1e2vxhA+KuPDcfKqBZ+K5n7TiaVQJH8jw1ZRlcCkCYoRxythRc1FoT+hnxg
LDirRvPnQKSMtWTvYEgypaizNYUbuR0lLR+M2memgzIEZoehKp3KMLrNookhSDom
J4HX6NEIU7vJBDXAjg28GzmB+zC62BOF2raS7ZVS3x9B3QlVhb1TChfK1y3qQWT2
nrgNCCsnvTT3Ir1GQ7ECuXQ+xdTrEw3kLvTQL0YJrbxmFYR84graL2V0OBDgejvV
TSvL7DaMwS5VyTq1JnV10oMCShswDQXnNco4AMI06hofEBY45NViv/nuoHK9JSkO
R8gjC5/ec527n08i5IgI+y2dUtynlistas7KyRo72xX/jjYViwbX1BLaTCbi5h55
iaLlcqtNLnT3zj+gltmE/EF3LDqauxRaOzYDK3LAWU50L0vaWRLzo9BNmveGqv4o
/BVLiK1lkJR3pEPv+8KNLuqtqB8pKFVB/TjMraC4kBjDkbasBqHTuQINBFovvWUB
EACxSTsM2sgeJ8qlTqHbv/tSlboFS6LHVUErOmyPrP0PvnavpVKADZF613DPiiXB
sMHnUmn1UDWhpI52QXGjLpy1e5yGNqQzYXmLnd0a2QtFlQ/v1xSu/CbuU2zcAUgq
BhqqdPrQuYT2XtNiwGlOyls0a1pD68XTYper1krRouJYhjLj+cTKf4sKiG1iJPzy
QUW8EgpvmbaSqxZEiMbDthwl/lQCVr/M7zV6BPwd9X6e72oh8S39IMucIZqnilRH
lulC1I+WvRq7em79JaWC0qlQiY1lZoktddIgf19VTc1cNTq2j0fneJBnY8eRv9tW
nN9jG85HIyn2oq9V4tdP5OpsvTg4arDhbDSZvXURpfpogWZ5PbIXsUyV8dMihUSt
LlNedAyLKPUVjTF4TVfbmG04qz42HWIlSrNwIuB5kUr8jSOKw7ZrF9VGOHhv8YAo
2uDtu9UdXXNW78tY90/6WxfokRR/B8lPtaklSvad2v8DpsQA++HhJgOt5I1+EG8A
CkfZLBz04hulE9tENunSpjfr6gO9VITcQMBvqy+X3DQpoNo24hS3RiVIC893AZJJ
ijYEEdZOYiNmOZjRGjl9dy0sEpE+zxJwb4AD74Ytc/oCHt0ZZ0aX5Iggpe7kFIDl
K/+70D4RevobujASU8cUbJPD/o9nc3kfjNbqhGcHaRpl4wARAQABiQI8BBgBCAAm
FiEER9xKxUj60Ru5YyqlLnmolwzS1aUFAlovvWUCGwwFCQWjmoAACgkQLnmolwzS
1aWF2xAAhGLsleeCofQmnw9oBxD0jAiVW9B2w7n21RmVxIp79ughc5SI1AFmVg8L
MSa/y4EKDzuORv9XDI8OQn7mMegcGpRNu5BZFKtUbkZjKQpV9dxqbtQluMlrzeNM
f6KlpiCybxganvYEEyCUCHHL2o4ZWKE5MjsjfMp+xly64y+9f0n+BBIwnDh6gatJ
ZsjwqbfmBuCdXS2x6QZND8+3rhc67S7NZ+ISjIFZU3nCvPYzgDGwE3sP5RayU10/
fCu3V75HUPz/uH32wuBa4R/jmPZ+Hl3kwzZatkAZmOtH8gyHaf25tC4S7xY0iogf
KDDM/OCykvAPQlirWx0XGBIj154hjV8RJo9XFCZnCKMXxhDOmJtqIXAAubT1EuU3
4jnNrjxemO3KwVSwSSw9YrTRPjlQFiVcajp9Td8r8NzAIusldksscF3iiZm2YQpC
giMhK9RDBqo4z1PFEzhopo/soWLk/Ed97jJkQMzY71TigHgvyo4iyNMaSshjC5t9
/L7xOepcAEAtb0KuXxFxsd0R8gjAcv29eOUtq3k1+ZfU/dkzkecvt9z00uFDoYtQ
bVPPSePKvbu0Xgfq6HHvwajNJjRh6JubF6Mo7onkPTBblMPDosM4HYPj19ZgZn3T
i+Md0w7bheDt1CA5M3MWA1X0KzSm9NQEBL2hwNJBJhchvpR4OVg=
=aJj2
-----END PGP PUBLIC KEY BLOCK-----