Pwning the (broken) unbreakable challenge: message

This post is about an old pwn challenge which, after (probably a kernel) update, broke and it was not possible to solve in the intended way anymore. The challenge in question is message from pwnable.xyz. I got fixated with breaking this challenge in an unintended way and eventually I was able to do it. Even though no new or fancy technique was used for this, I hope this post inspires somebodye else to do that one thing that seems impossible but you have that strong suspicion you could be the one to do it, against all odds....

23 October 2024 · 15 min · 3179 words · Jacopo Scannella

Load (glibc) DWARF debug symbols in Ghidra

Today, I was doing a pwning challenge (maybe more on this on a future blog post) and for some stupid reason, I wanted to load the glibc of my system on Ghidra. 99% of the times there is no real good reason to load glibc on Ghidra. That being said, loading other symbols for other binaries can be useful in other scenarios, hence the post. This guide will cover symbols in DWARF (....

11 October 2024 · 3 min · 545 words · Jacopo Scannella

Nix extravaganza with the new ThinkPad T14 Gen 5 (AMD)

I did it again… I installed NixOS as my host Operating System. “Didn’t you already try that in the past? Are you crazy?” You are right, I had previous track experience and it was not great. I really liked the idea of having a reproducible operating systems, ideally with modular components I can tweak based on the machine or the current situation. My first run I quickly grew tired of the nix functional programming language....

28 July 2024 · 12 min · 2521 words · Jacopo Scannella

Firmware Vulnerability Analysis on D-Link DIR-878

The D-Link DIR-878 is a Wi-Fi router that reached its End of Life. Many vulnerabilities were discovered on this device. Today, my task was to help a colleague of mine in its master thesis research project. His project concerns analyzing, studying and locating well known vulnerabilities in firmware. He shared me a curated list of vulnerabilities which needed some analysis so that their data could be added to its thesis. It is important to note that even though I performed this analysis, I have no merit in the content of his thesis whatsoever....

23 July 2024 · 10 min · 2016 words · Jacopo Scannella

Code-Golfing from the past

This was an old post I originally wrote the 24th of October 2018. I recently discovered it in the drafts of this blog. At the time, I was planning to do this challenge on many other languages, but ended up abandoning. I decided to publish it today. It is a short one, enjoy! Cloudflare’s email-decoder in one line I’ve recently “decrypted” Cloudflare’s email-decode.js, this is my take on writing some one line decoders for it....

20 July 2024 · 1 min · 137 words · Jacopo Scannella