Aug 4, 2024
Debugging running Python scripts with PDB via GDB
A friend of mine had an interesting case recently where they wanted to debug an already running Python script on Linux and after some testing it turned out this is possible, so let’s see how it can be done in CPython :).
Read more -
Jun 20, 2024
Python specialized bytecode and pycjail returns challenge solution
I gave a talk on “Python specialized bytecode” on Pykonik #70 where I also made a walkthrough over the “pycjail returns” challenge from ångstrom CTF 2024. The video can be found here and its slides here.
Read more -
May 16, 2024
Understanding AddressSanitizer blog post
Some time ago during an audit I found an out-of-bounds bug that was not detected by AddressSanitizer. This spawned a whole research project at Trail of Bits, which I talked and wrote about in detail!
Read more -
Aug 21, 2022
Pwndbg coding sprints report
This blog post is a report of the two coding sprints for the Pwndbg project that I organized first on the EuroPython 2022 conference and then, taking inspiration from the previous one, in the Hackerspace Kraków, located in Cracow, Poland.
Read more -
Feb 16, 2021
Terrible inet_aton in glibc
TLDR: The man inet_aton states that “inet_aton() returns nonzero if the address is valid, zero if not” …and so it is sometimes used to check if a string is a valid IP address. Which should be fine, but isn’t, because some implementations are weird.
Read more -
Jun 9, 2020
Checking if a mutex is locked in Go
I have written a blog post about checking if a mutex is locked in Go. It can be found at https://blog.trailofbits.com/2020/06/09/how-to-check-if-a-mutex-is-locked-in-go/.
Read more -
Apr 9, 2020
Back to the blog
I haven’t written any post in here for some time and I want to fix that. For now, it is probably worth mentioning that in the meantime I gave many talks, reviewed some articles in Paged Out! and wrote two articles:
- A blog post on the Trail of Bits blog: “Understanding Docker container escapes”
- An article “from cpython_exploit_ellipsis import *” in Paged Out! #01
-
Nov 12, 2018
Reboot your pc from a docker container
I came back from a PUT Security Day where I gave a talk about Docker security. One of the questions I asked myself when preparing the talk is whether one can reboot their PC (aka host machine) from a docker container.
Read more -
Feb 24, 2018
Logs injection or why is logs tailing unsafe
I have been playing recently with one of the Android apps that pushes some messages to logs based on user input, and I have noticed that adb logcat is as bad as tail -f when it comes to following logs.
Read more -
Oct 21, 2017
JHtC4BSK translatespeak [web] writeup
This is a writeup of the translatespeak{1,2,3} web-security tasks I prepared for the JHtC4BSK CTF, which was held by JHtC mainly for MIMUW students.
Read more -
Jun 29, 2017
Gynvael's PL stream 006 mission solution
This is a writeup of a small stegano task from the 6th mission of Gynvael Coldwind’s Polish stream (there are small tasks at the end of his livestreams).
Read more -
Jun 25, 2017
Google CTF 2017 - Inst Prof [pwn]
This post is a full writeup and walkthrough of the ‘Inst Prof’ binary exploitation challenge from Google CTF 2017 Quals. I used a return-oriented programming technique to solve it.
Read more -
May 29, 2017
Gynvael's PL stream 004 mission solved with angr
This is an angr writeup of a “spaghetti code” task from the 4th mission of Gynvael Coldwind’s Polish stream (there are small tasks at the end of his livestreams).
Read more -
Nov 9, 2016
Security PWNing Conference 2016 and the CTF by P4
I recently came back from Security PWNing Conference 2016, organized by the PWN publishing house and Gynvael Coldwind. It can certainly be said that it is one of the better conferences devoted to IT security in Poland.
Read more -
Jun 1, 2016
Confidence CTF Teaser 2016 - GoBox and GoBox2 [pwn]
This is a writeup of the GoBox and GoBox2 tasks from the pwn category of Confidence CTF Teaser 2016.
The program was a Go sandbox that asked for input: a valid Go program. It then compiled and executed it. The binary was running on a server and the goal was to launch an external program on it.
Read more -
May 2, 2016
Google CTF 2016 - For2 [Forensics]
This is a writeup of the For2 task from the forensics category of Google CTF 2016.
We got a capture.pcapng file, which is sniffed USB traffic from a USB mouse (yeah, you can capture it e.g. with Wireshark).
Read more -
Apr 1, 2016
C++ Boost.Preprocessor and template loops
Today I will write a story about how I saved myself a lot of writing with just a few lines of code (that doesn’t mean it took little time :P).
Read more -
Oct 10, 2015
One extract to rule them all
From time to time everyone has to extract an archive. When living in a command line, the problem with such a task is remembering all of the arguments to each of the tools/programs that let you extract different types of archives.
Read more