Load (glibc) DWARF debug symbols in Ghidra

Introduction Today, I was doing a pwning challenge (maybe more on this on a future blog post) and for some stupid reason, I wanted to load the glibc of my system on Ghidra. 99% of the times there is no real good reason to load glibc on Ghidra. That being said, loading other symbols for other binaries can be useful in other scenarios, hence the post. This guide will cover symbols in DWARF (....

11 October 2024 · 3 min · 546 words · Jacopo Scannella

Nix extravaganza with the new ThinkPad T14 Gen 5 (AMD)

I did it again… I installed NixOS as my host Operating System. “Didn’t you already try that in the past? Are you crazy?” You are right, I had previous track experience and it was not great. I really liked the idea of having a reproducible operating systems, ideally with modular components I can tweak based on the machine or the current situation. My first run I quickly grew tired of the nix functional programming language....

28 July 2024 · 12 min · 2510 words · Jacopo Scannella

Firmware Vulnerability Analysis on D-Link DIR-878

The D-Link DIR-878 is a Wi-Fi router that reached its End of Life. Many vulnerabilities were discovered on this device. Today, my task was to help a colleague of mine in its master thesis research project. His project concerns analyzing, studying and locating well known vulnerabilities in firmware. He shared me a curated list of vulnerabilities which needed some analysis so that their data could be added to its thesis. It is important to note that even though I performed this analysis, I have no merit in the content of his thesis whatsoever....

23 July 2024 · 10 min · 2016 words · Jacopo Scannella

Code-Golfing from the past

This was an old post I originally wrote the 24th of October 2018. I recently discovered it in the drafts of this blog. At the time, I was planning to do this challenge on many other languages, but ended up abandoning. I decided to publish it today. It is a short one, enjoy! Cloudflare’s email-decoder in one line I’ve recently “decrypted” Cloudflare’s email-decode.js, this is my take on writing some one line decoders for it....

20 July 2024 · 1 min · 137 words · Jacopo Scannella

PaperMod is here!

I switched from my old and beloved hugo-dusk theme, to the new flashy and shiny PaperMod theme. Why? The old theme development has been dropped and I was basically maintaining it myself. I added some (debatably) cool stuff to it, but it was time to let it go. Moreover, the new theme has really nice features, such as: Introduction in home page to brag about my social status and career achievements Per-year archive, allowing stalkers to dig easilly in my past Search full-text fuzzy functionality, which I still need to figure out how to disable Leverages new Hugo features such as table of content, which will be fun to enable in old posts Automatic dark / light theme I also took this chance to finally move to CI/CD instead of manually deploying every time....

20 July 2024 · 1 min · 204 words · Jacopo Scannella