About
Blog
This blog contains my private/personal notes on random topics I found worth to write about.
About me
Some random stuff / whoami:
-
Name: Dominik ‘disconnect3d’ Czarnota
-
Staff Security Engineer @ Trail of Bits
-
CTF team: captain of justCatTheFish (previously captain of Just Hit the Core)
-
Maintainer of Pwndbg – a plugin for GDB for reverse engineering and exploit development
-
Education: Applied Computer Science at AGH University of Science and Technology in Cracow, Poland
-
Master thesis (in Polish): Reverse engineering, finding and exploiting bugs in native apps on x86 and x86-64. The reviews are inside.
-
Bachelor thesis (in Polish): Impact of memory layout organization of complicated data structures on binary code efficiency. Reviews: supervisor’s, reviewer’s.
-
(Past) Member and a president (for 2 years) of KNI Kernel
-
-
I am a reviewer of Paged Out! free magazine about programming, security, hacking, computers, electronics, demoscene and other similar topics.
-
I wrote some articles to “Programista” polish programming magazine, which are:
- “IPython – wygodna interaktywna powłoka Pythona” (IPython – Python enhanced interactive shell) – describes IPython interactive shell and its features (history, magic commands, configuration, extensions, notebook/Jupyter) – article pdf;
- Never ever to be fooled to pay ransomware! – CTFZone 2018 Quals - a write-up of a reverse-engineering CTF challenge where we had to decrypt an Android ransomware. Solved and written together with Paweł Łukasik, who also wrote a write-up on his blog.
- Teaser Dragon CTF 2018 - zadania production oraz cryptovm - write-ups of
production
andcryptovm
challenges from Teaser Dragon CTF 2018, written with my CTF teammates: Gros and Tacet. I was responsible for theproduction
challenge where you had to makeopen
syscall fail by exceeding the maximum number of opened file descriptors, which were limited byrlimit
beforehand. - Pwn2Win CTF 2021 - atak Spectre - write-up of a CTF challenge where we had to exploit Spectre vulnerability. Written with Arusekk.
- Przegląd błędów w CPythonie - A review of known CPython bugs that were reported before in the official Python bugtracker - bugs.python.org.
- Pułapki w języku Go - Go programming language traps that may lead to security vulnerabilities.
- Debugowanie niskopoziomowe z Pwndbg - An article about Pwndbg, a plugin for GDB for security research, reverse engineering and exploit development.
Work
Looking for a presentation, training, workshop, or just having an interesting project I may be interested in? Contact me or Trail of Bits.
Hobbies
Programming, reverse engineering (or rather looking under the hood), computer security, teaching others and ice skating.
Contact
- e-mail: dominik.b.czarnota+dc@gmail.com
- twitter: https://twitter.com/disconnect3d_pl (prefer e-mail)