the sound of melting gristle

Mull, a band new to me, released the sound of melting gristle in January, and since then I've not stopped listening to it; it's like an addiction. It does exactly what it says on the tin. I suppose you could call it old school goregrind, like the days of CBT. This meme says it all. When I saw that rotten roll rex had merch for Mull and this album, I instantly put an order in.

ob-idapython

Code: ob-idapython

It's been a while since I posted. For the last 6 months or so I've been reverse engineering a very complex binary. This has been both fun and frustrating, but I've learnt loads about reverse engineering in general, and as usual, I've taken a massive amount of notes that I probably won't look at any time soon, and of course I've taken these notes in org-mode. I've written about my notes before, and since then it's only improved. The biggest improvement to my notes has been using babel a lot more, as it allows me to run quick experiments from within my notes file.

Downloading Teratoma

Viscera Infest released their new album last month, and I could not find it anywhere other than on YouTube. I'm normally more than happy to purchase music if it's not on streaming services, yet for some reason the only place Viscera Infest released the full version of Teratoma was on YouTube. This is a bit of a problem for listening to it on the go, as I typically only use YouTube on the TV.

Why not Bash?

I was recently part of a team workshop where we had to write some automation scripts, and call me old, but I was shocked to see a lot of the team calling binaries from Python rather than writing a bash script to do all of the processing. After talking to a few colleagues, I discovered that bash is not natural to them, like Python is. I never went to university, so all of my computer science stuff has very much been self taught, so I suppose that could be the reason why I'd prefer to write "parse.

Build A File With Docker Build

I helped a colleague build a docker container that during the docker build phase would just produce a file, as there is no need for a full on image. To do this, we need a multi image container:

FROM --platform=linux/aarch64 debian as builder
#<do things>
FROM scratch as artifact
COPY --from=builder /full/path/to/file/to/copy /path/on/host

And then you can build it like so:

docker build --target artifact --output type=local,dest=. .

You then get a file from the build process on your host.

Ghidra Stuff

I don't really use much Ghidra in my day job; I tend to use a combination of IDA and Binary Ninja. My experience with Ghidra has been limited to CTFs. I did pick up some tips and tricks when using Ghidra, and I feel like I should document them somewhere.

Custom Highlight

When looking at the decompiler and you select a value, it does not make it overly clear if the value is used elsewhere.

Multi Image Dockerfile

Recently I found out that you can have multiple images in a Dockerfile. I found this really helpful for fuzzing, where I could build the harness in one docker image, and then copy only the harness to the AFL++ image. Here is a bit of a bare bones extract of my Dockerfile:

FROM --platform=linux/aarch64 debian AS builder
# rest of the builder stuff
FROM --platform=linux/aarch64 aflplusplus/aflplusplus:latest
COPY --from=builder /build/harness /src/
COPY --from=builder /build/other_stuff_for_fuzzing /src/

This is useful when we only care about the last stage.

Playing with Libfuzzer

I really want to be fuzzing more in general. Towards the end of last year I decided to play a bit with libfuzzer. Here is my quick test from the tutorial.

The command:

wget https://github.com/google/fuzzing/raw/master/tutorial/libFuzzer/fuzz_me.cc
/opt/homebrew/Cellar/llvm/17.0.6/bin/clang++ -g -fsanitize=address,fuzzer fuzz_me.cc
./a.out

The output:

--2023-12-21 16:13:34-- https://github.com/google/fuzzing/raw/master/tutorial/libFuzzer/fuzz_me.cc
Resolving github.com (github.com)... 140.82.121.3
Connecting to github.com (github.com)|140.82.121.3|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://raw.githubusercontent.com/google/fuzzing/master/tutorial/libFuzzer/fuzz_me.cc [following]
--2023-12-21 16:13:35-- https://raw.githubusercontent.com/google/fuzzing/master/tutorial/libFuzzer/fuzz_me.cc
Resolving raw.githubusercontent.com (raw.

Adding phrack to Denote

Denote is my new note taking system and I really wanted to add the phrack articles to denote so I can search and index them. At time of writing there are 70 articles, and you can download the archives for each one here. But I wanted to automate the whole process, and do it with Emacs lisp.

Downloading and extracting the articles

This could be done with wget brace expansion and tar like so:

org-web-hugo

I love writing in org-mode. It's much better than traditional markdown; however, most markdown editors have the ability to render your text so you can preview it before. I argue that a good theme in Emacs allows for this, but none the less, I started looking into a way to render a folder with a bunch of org-mode files in it.

Hugo

This blog's content is written in org-mode and then converted to markdown using ox-hugo.