disconnect3d's blog

Aug 4, 2024 Debugging running Python scripts with PDB via GDB

A friend of mine had an interesting case recently where they wanted to debug an already running Python script on Linux and after some testing it turned out this is possible, so let’s see how it can be done in CPython :).
Read more
Jun 20, 2024 Python specialized bytecode and pycjail returns challenge solution

I gave a talk on “Python specialized bytecode” on Pykonik #70 where I also made a walkthrough over the “pycjail returns” challenge from ångstrom CTF 2024. The video can be found here and its slides here.
Read more
May 16, 2024 Understanding AddressSanitizer blog post

Some time ago during an audit I found an out-of-bounds bug that was not detected by AddressSanitizer. This spawned a whole research at Trail of Bits which I talked and wrote about in details!
Read more
Aug 21, 2022 Pwndbg coding sprints report

This blog post is a report of the two coding sprints for the Pwndbg project that I organized first on the EuroPython 2022 conference and then, taking inspiration from the previous one, in the Hackerspace Kraków, located in Cracow, Poland.
Read more
Feb 16, 2021 Terrible inet_aton in glibc

TLDR: The man inet_aton states that “inet_aton() returns nonzero if the address is valid, zero if not” …and so it is sometimes used to check if a string is a valid IP address. Which should be fine, but isn’t, because some implementations are weird.
Read more
Jun 9, 2020 Checking if a mutex is locked in Go

I have written a blog post about checking if a mutex is locked in Go. It can be found at https://blog.trailofbits.com/2020/06/09/how-to-check-if-a-mutex-is-locked-in-go/.
Read more
Apr 9, 2020 Back to the blog
I haven’t written any post in here for some time and I want to fix that. For now, it is probably worth mentioning that in the meantime I gave many talks, reviewed some articles in Paged Out! and wrote two articles:
- A blog post on Trail of Bits blog: “Understanding Docker container escapes”
- An article “from cpython_exploit_ellipsis import *” to Paged Out! #01
Read more
Nov 12, 2018 Reboot your pc from a docker container

I came back from a PUT Security Day where I gave a talk about Docker security. One of the questions I asked myself when preparing the talk is whether one can reboot their PC (aka host machine) from a docker container.
Read more
Feb 24, 2018 Logs injection or why is logs tailing unsafe

I have been playing with one of Android apps that pushes some messages to logs based on user input recently and I have noticed that adb logcat is as bad as tail -f when it comes to following logs.
Read more
Oct 21, 2017 JHtC4BSK translatespeak [web] writeup

This is a writeup of translatespeak{1,2,3} web security related tasks I have prepared for JHtC4BSK CTF that was held mainly for MIMUW students by JHtC.
Read more
Jun 29, 2017 Gynvael's PL stream 006 mission solution

This is a writeup to small stegano task from Gynvael Coldwind’s polish stream 6th mission (there are small tasks at the end of his livestreams).
Read more
Jun 25, 2017 Google CTF 2017 - Inst Prof [pwn]

This post is a full writeup and walkthrough of a ‘Inst Prof’ binary exploitation challenge from Google Quals CTF 2017. I have used a return-oriented programming exploitation technique to solve it.
Read more
May 29, 2017 Gynvael's PL stream 004 mission solved with angr

This is an angr writeup to a “spaghetti code” task from Gynvael Coldwind’s polish stream 4th mission (there are small tasks at the end of his livestreams).
Read more
Nov 9, 2016 Security PWNing Conference 2016 oraz CTF od P4

Niedawno wróciłem z Security PWNing Conference 2016 organizowanej przez wydawnictwo PWN oraz Gynvaela Coldwinda. Z całą pewnością można powiedzieć, że to jedna z lepszych konferencji poświęconych tematyce bezpieczeństwa IT w Polsce.
Read more
Jun 1, 2016 Confidence CTF Teaser 2016 - GoBox and GoBox2 [pwn]

This is a writeup from Confidence CTF Teaser 2016 - GoBox and GoBox2 tasks from pwn category.

The program was a Go lang sandbox that asked for input - a valid Go program. Then it compiled and executed it. The binary was running on a server and the goal was to launch external program on it.
Read more
May 2, 2016 Google CTF 2016 - For2 [Forensics]

This is a writeup from Google CTF 2016 - For2 task from forensics category.

We have got a capture.pcapng file, which is a sniffed USB traffic from an usb mouse (yeah, you can capture it e.g. with Wireshark).
Read more
Apr 1, 2016 C++ Boost.Preprocessor and template loops

Today I will write a story about how I saved myself a lot of writing with just a few lines of code (that doesn’t mean it took little time :P).
Read more
Oct 10, 2015 One extract to rule them all

From time to time everyone has to extract an archive. When living in a command line the problem of such task is to remember all of the arguments to every of the tools/programs that let you extract different types of archives.
Read more