  • Asus RT-N15U Firmware Analysis

    For the next firmware analysis task of the Offensive Internet Of Things Exploitation final project, I decided to analyze the Asus RT-N15U firmware version 3.0.0.4.376.3754. The following is the process I used to backdoor, emulate, and analyze this firmware as well as any security issues I could find.

    July 20, 2017 - 9 minute read -
    firmware asus reverse-engineering
  • TP-Link TL-WR810N Firmware Analysis

    For one of the projects for the Offensive Internet Of Things Exploitation final exam I decided to try to analyze the firmware for the TP-Link TL-WR810N

    July 5, 2017 - 7 minute read -
    firmware analysis tp-link
  • Nand Glitching Wink Hub For Root

    During the Offensive Internet Of Things Exploitation course the instructor demonstrates a technique called a "NAND Glitch" on a Wink Connected Home Hub IoT device. This technique allows a root shell to be acquired on a device which normally does not provide console access. This post outlines the process I used to replicate the NAND Glitch as well as discusses some of the "gotchas" that I encountered along the way.

    July 5, 2017 - 6 minute read -
    nand-glitch wink-hub root uart
  • Mounting Virtualbox Shared Folder in Manjaro Guest

    Every time I set up a Linux VM in VirtualBox and attempt to get shared folders working, I always run into issues. I decided to create a blog post to save myself the trouble of Googling so that I have the information in one place. In the various distros I have encountered issues with, Manjaro being the most recent, the issues have seemed to have been addressed by three things.

    May 11, 2017 - 2 minute read -
    manjaro virtualbox
  • Haskell YAML Config

    A quick example of reading a yaml config file in Haskell.

    February 5, 2017 - 3 minute read -
    haskell yaml config
  • Haskell TCP Fuzzer

    An example TCP fuzzer written in Haskell

    February 5, 2017 - 5 minute read -
    haskell fuzzer
  • Linux Daemon

    How to write a Linux daemon.

    January 17, 2017 - 6 minute read -
    c daemon linux
  • Opcode Script

    Opcodes from Assembly Instructions

    January 15, 2017 - 1 minute read -
    asm opcodes
  • SLAE Problem 7: Create a Custom Crypter

    SLAE Problem 7: Create a Custom Crypter

    January 10, 2017 - 10 minute read -
    asm shellcode crypter
  • SLAE Problem 6: Shell-Storm.com Shellcode Analysis and Polymorphic Modification

    SLAE Problem 6: Shell-Storm.com Shellcode Analysis and Polymorphic Modification

    January 9, 2017 - 17 minute read -
    asm shellcode polymorphic
  • SLAE Problem 5.3: Msfvenom Analysis of linux/x86/exec

    Analysis of Msfvenom shellcode: linux/x86/exec

    January 3, 2017 - 5 minute read -
    asm shellcode msfvenom
  • SLAE Problem 5.2: Msfvenom Analysis of linux/x86/adduser

    Analysis of Msfvenom shellcode: linux/x86/adduser

    January 3, 2017 - 6 minute read -
    asm shellcode msfvenom
  • SLAE Problem 5.1: Msfvenom Analysis of linux/x86/shell_reverse_tcp

    Analysis of Msfvenom shellcode: linux/x86/shell_reverse_tcp

    January 3, 2017 - 4 minute read -
    asm shellcode msfvenom
  • SLAE Problem 4: Custom Encoding Scheme

    A demonstration of a custom encoding scheme

    December 23, 2016 - 8 minute read -
    asm shellcode c encoding
  • SLAE Problem 3: Egg Hunter Demonstration

    A demonstration of an egg hunter searching for shellcode

    December 22, 2016 - 9 minute read -
    asm shellcode c egg hunter
  • SLAE Problem 2: Reverse TCP Shellcode

    A nice walkthrough of creating a reverse shellcode from scratch

    December 20, 2016 - 12 minute read -
    asm shellcode c
  • SLAE Problem 1: TCP Bind Shell Shellcode

    From my experience playing around with socket programming in C and Python, there is a basic formula and group of function calls for creating clients and servers. Most of them will be useful to us. A couple won't be applicable to our situation.

    December 18, 2016 - 14 minute read -
    asm shellcode c
  • Using Clj-http When A Web App Has CSRF Protection

    Recently when working on a Clojure web app I ran into a scenario where I wanted to do a little bit of integration testing. What I wanted to do was post some data to the same endpoint that my webform would post to. The problem was that the app used ring-anti-forgery for CSRF protection. Because of this, I needed to figure out a way to spoof this anti-forgery token when making POST requests using Clj-http. The solution came out of a lot of trial and error.

    April 15, 2015 - 3 minute read -
    clj-http clojure ring
  • 5 Great Experiences While Learning Clojure

    Lately I have been exploring functional programming and have been spending a lot of time working with Clojure. As I spend more and more time with it I find that there are particular aspects of the language that I find beautiful and enjoyable. Some of these aspects come from the fact that Clojure is a LISP dialect of programming language. Other aspects come from the fact that Clojure is a functional language. Here are 5 great experiences I have had while learning the language:

    April 26, 2014 - 6 minute read -
    clojure functional programming
  • RailsConf 2014

    Today wrapped up RailsConf 2014 in Chicago, Illinois and I have to say that it was quite a good time. This was my first RailsConf and it definitely lived up to its reputation. From DHH trolling that TDD is nonsense in his Keynote speech to Tenderlove making a live merge of the "AdequateRecord" branch into Rails master it was never a dull moment.

    April 25, 2014 - 2 minute read -
    ruby rails railsconf2014
  • Ruby Dir "Random" on Linux but Alphabetical on OSX

    Recently, after a co-worker pushed code to our continuous integration server, Jenkins was saying that the build was broken and that a constant was being called that wasn’t initialized. What was strange is that the code my co-worker pushed ran just fine when I ran it on my work Mac laptop as well as some of my other co-workers’ Mac laptops. This has to be some sort of weird Mac / Linux difference.

    July 3, 2013 - 2 minute read -
    jenkins linux mac rspec ruby rails
  • Associations in ActiveRecord "not"

    While working with Rails 4 today I was attempting to use the new .not method of ActiveRecord. This method is similar to the jQuery .not method as it allows you to filter your result set where a particular attribute of your result does NOT match what you pass in as .not’s argument. The syntax is:

    May 1, 2013 - 1 minute read -
    activerecord rails4
  • Drupal Views: Using Multiple Databases in Result Set

    Recently while working at my day job the need arose to utilize multiple databases to deliver a result in Drupal’s Views module. Not only did we need to utilize multiple databases but the databases reside on two different servers. I know that Drupal has the ability to connect to multiple databases but I had never considered how Views would utilize both databases or if it was even possible.

    October 13, 2012 - 4 minute read -
    drupal multiple databases views
  • Environment Variables for Rails

    For security purposes I like to keep confidential information out of my git repositories. While hosting a site with Heroku for a little while I learned that they advocate environment variables for storing sensitive information. I later switched over to my own server and wanted to replicate this setup. I threw my environment variables in the .bash_profile of the user associated with my application and found out that when ruby is started on the server a login doesn’t appear to occur for that user even though the process is owned by the user. The .bash_profile never appears to get loaded up. My environment variables weren’t being loaded up into my application as I had anticipated.

    September 14, 2012 - 1 minute read -
    environment variables ruby
  • Test::Unit or MiniTest must be loaded *before* Mocha

    I recently ran bundle update on an older rails application that I had been developing. I added a few specs and when I went to run them I was greeted with the following error:

    July 12, 2012 - 2 minute read -
    gem mocha rails rspec ruby