About

Blog

This blog contains my private/personal notes on random topics I found worth to write about.

About me

Some random stuff / whoami:

• Name: Dominik ‘disconnect3d’ Czarnota

• Staff Security Engineer @ Trail of Bits

• CTF team: captain of justCatTheFish (previously captain of Just Hit the Core)

• Maintainer of Pwndbg – a plugin for GDB for reverse engineering and exploit development

• Education: Applied Computer Science at AGH University of Science and Technology in Cracow, Poland

  • Master thesis (in Polish): Reverse engineering, finding and exploiting bugs in native apps on x86 and x86-64. The reviews are inside.

  • Bachelor thesis (in Polish): Impact of memory layout organization of complicated data structures on binary code efficiency. Reviews: supervisor’s, reviewer’s.

  • (Past) Member and a president (for 2 years) of KNI Kernel

• I am a reviewer of Paged Out! free magazine about programming, security, hacking, computers, electronics, demoscene and other similar topics.

• I wrote some articles to “Programista” polish programming magazine, which are:

  • “IPython – wygodna interaktywna powłoka Pythona” (IPython – Python enhanced interactive shell) – describes IPython interactive shell and its features (history, magic commands, configuration, extensions, notebook/Jupyter) – article pdf;
  • Never ever to be fooled to pay ransomware! – CTFZone 2018 Quals - a write-up of a reverse-engineering CTF challenge where we had to decrypt an Android ransomware. Solved and written together with Paweł Łukasik, who also wrote a write-up on his blog.
  • Teaser Dragon CTF 2018 - zadania production oraz cryptovm - write-ups of production and cryptovm challenges from Teaser Dragon CTF 2018, written with my CTF teammates: Gros and Tacet. I was responsible for the production challenge where you had to make open syscall fail by exceeding the maximum number of opened file descriptors, which were limited by rlimit beforehand.
  • Pwn2Win CTF 2021 - atak Spectre - write-up of a CTF challenge where we had to exploit Spectre vulnerability. Written with Arusekk.
  • Przegląd błędów w CPythonie - A review of known CPython bugs that were reported before in the official Python bugtracker - bugs.python.org.
  • Pułapki w języku Go - Go programming language traps that may lead to security vulnerabilities.
  • Debugowanie niskopoziomowe z Pwndbg - An article about Pwndbg, a plugin for GDB for security research, reverse engineering and exploit development.

Work

Looking for a presentation, training, workshop, or just having an interesting project I may be interested in? Contact me or Trail of Bits.

Hobbies

Programming, reverse engineering (or rather looking under the hood to understand how things work), computer security, teaching others, climbing and ice skating.

Contact

• e-mail: dominik.b.czarnota+dc@gmail.com
• twitter: https://twitter.com/disconnect3d_pl (prefer e-mail)