Vulnerability Research

This post is about an old pwn challenge which, after (probably a kernel) update, broke and it was not possible to solve in the intended way anymore. The challenge in question is message from pwnable.xyz. I got fixated with breaking this challenge in an unintended way and eventually I was able to do it. Even though no new or fancy technique was used for this, I hope this post inspires somebodye else to do that one thing that seems impossible but you have that strong suspicion you could be the one to do it, against all odds....

Today, I was doing a pwning challenge (maybe more on this on a future blog post) and for some stupid reason, I wanted to load the glibc of my system on Ghidra. 99% of the times there is no real good reason to load glibc on Ghidra. That being said, loading other symbols for other binaries can be useful in other scenarios, hence the post. This guide will cover symbols in DWARF (....

The D-Link DIR-878 is a Wi-Fi router that reached its End of Life. Many vulnerabilities were discovered on this device. Today, my task was to help a colleague of mine in its master thesis research project. His project concerns analyzing, studying and locating well known vulnerabilities in firmware. He shared me a curated list of vulnerabilities which needed some analysis so that their data could be added to its thesis. It is important to note that even though I performed this analysis, I have no merit in the content of his thesis whatsoever....