Author Archives: Norman

About Norman

Sometimes, I write code. Occasionally, it even works.

Reversing the Balong M3/MCU Console – Lightning the Path to Ring 0

Posted on June 19, 2017

This weekend, I spent some time continuing my investigation of a Huawei E5573 modem. In this, I was able to identify and briefly PoC a process by which an attacker can gain privileged code execution on this device, without resorting … Continue reading →

Posted in Bards, Computers, Jesting | Tagged huawei, reversing | 3 Comments

Arduino-to-Arduino Voltage Glitching (look ma, no FPGA!)

Posted on June 12, 2017

Recently, I have been delving into the magical world of hardware hacking. One target has given me cause to learn voltage glitching, among other things. On the advice of friends, I ordered a ChipWhisperer kit but while it made it’s … Continue reading →

Posted in Bards, Computers, Jesting | Tagged glorious victory, hardware | Leave a comment

Writeups – Ping, A Temple Jest (securityfest.ctf.rocks)

Posted on June 2, 2017

One hour ago, I competed in the securityfest.ctf.rocks CTF. In the time I had to participate, I was able to solve two challenges. Without further ado: Ping The “ping” challenge was presented as a binary file, which you can download … Continue reading →

Posted in Bards, Computers, Jesting | Leave a comment

Windows 7 x64 Kernel Exploitation – Stack Overflow (3/3)

Posted on May 30, 2017

In this (short) post, we will explore triggering a stack overflow vulnerability in the kernel. This is a classic exploitation case. The Vulnerability: TriggerStackOverflow Similar to the last post, we first inspect the vulnerable function in code. This is a … Continue reading →

Posted in Uncategorized | Leave a comment

Windows 7 x64 Kernel Exploitation – Arbitrary Write (2/3)

Posted on May 30, 2017

In this post, we will dive into an actual example of exploitation, against an arbitrary write-what-where vulnerability. The Vulnerability: TriggerArbitraryOverwrite The vulnerability we are exploiting is within the TriggerArbitraryOverwrite function. In source code, we can see this in the “TriggerArbitraryOverwrite” function, … Continue reading →

Posted in Uncategorized | Leave a comment

	【知识】6月20日 – 每日… on Reversing the Balong M3/MCU Co…
	【知识】6月20日 – 每日… on Reversing the Balong M3/MCU Co…
	Reversing the Huawei… on Reversing the Balong M3/MCU Co…
	Norman on Breaking lcg_value()
	none on Breaking lcg_value()

	【知识】6月20日 – 每日… on Reversing the Balong M3/MCU Co…
	【知识】6月20日 – 每日… on Reversing the Balong M3/MCU Co…
	Reversing the Huawei… on Reversing the Balong M3/MCU Co…
	Norman on Breaking lcg_value()
	none on Breaking lcg_value()

	【知识】6月20日 – 每日… on Reversing the Balong M3/MCU Co…
	【知识】6月20日 – 每日… on Reversing the Balong M3/MCU Co…
	Reversing the Huawei… on Reversing the Balong M3/MCU Co…
	Norman on Breaking lcg_value()
	none on Breaking lcg_value()

Author Archives: Norman

About Norman

Reversing the Balong M3/MCU Console – Lightning the Path to Ring 0

Arduino-to-Arduino Voltage Glitching (look ma, no FPGA!)

Writeups – Ping, A Temple Jest (securityfest.ctf.rocks)

Windows 7 x64 Kernel Exploitation – Stack Overflow (3/3)

Windows 7 x64 Kernel Exploitation – Arbitrary Write (2/3)

Recent Posts

Recent Comments

Archives

Categories

Meta

Recent Posts

Recent Comments

Archives

Categories

Meta

Recent Posts

Recent Comments

Archives

Categories

Meta