About

Blog

This blog contains my private/personal notes on random topics I found worth to write about.

About me

Some random stuff / whoami:

• Name: Dominik ‘disconnect3d’ Czarnota

• Staff Security Engineer @ Trail of Bits

• CTF team: captain of justCatTheFish (previously captain of Just Hit the Core)

• Maintainer of Pwndbg – a plugin for GDB for reverse engineering and exploit development

• Education: Applied Computer Science at AGH University of Science and Technology in Cracow, Poland

  • Master thesis (in Polish): Reverse engineering, finding and exploiting bugs in native apps on x86 and x86-64. The reviews are inside.

  • Bachelor thesis (in Polish): Impact of memory layout organization of complicated data structures on binary code efficiency. Reviews: supervisor’s, reviewer’s.

  • (Past) Member and a president (for 2 years) of KNI Kernel

• I am a reviewer of Paged Out! free magazine about programming, security, hacking, computers, electronics, demoscene and other similar topics.

• I wrote some articles to “Programista” polish programming magazine, which are:

  • “IPython – wygodna interaktywna powłoka Pythona” (IPython – Python enhanced interactive shell) – describes IPython interactive shell and its features (history, magic commands, configuration, extensions, notebook/Jupyter) – article pdf;
  • Never ever to be fooled to pay ransomware! – CTFZone 2018 Quals - a write-up of a reverse-engineering CTF challenge where we had to decrypt an Android ransomware. Solved and written together with Paweł Łukasik, who also wrote a write-up on his blog.
  • Teaser Dragon CTF 2018 - zadania production oraz cryptovm - write-ups of production and cryptovm challenges from Teaser Dragon CTF 2018, written with my CTF teammates: Gros and Tacet. I was responsible for the production challenge where you had to make open syscall fail by exceeding the maximum number of opened file descriptors, which were limited by rlimit beforehand.
  • Pwn2Win CTF 2021 - atak Spectre - write-up of a CTF challenge where we had to exploit Spectre vulnerability. Written with Arusekk.
  • Przegląd błędów w CPythonie - A review of known CPython bugs that were reported before in the official Python bugtracker - bugs.python.org.
  • Pułapki w języku Go - Go programming language traps that may lead to security vulnerabilities.
  • Debugowanie niskopoziomowe z Pwndbg - An article about Pwndbg, a plugin for GDB for security research, reverse engineering and exploit development.

Work

Looking for a presentation, training, workshop, or just having an interesting project I may be interested in? Contact me or Trail of Bits.

Hobbies

Programming, reverse engineering (or rather looking under the hood), computer security, teaching others and ice skating.

Contact

• e-mail: dominik.b.czarnota+dc@gmail.com
• twitter: https://twitter.com/disconnect3d_pl (prefer e-mail)