Introduction During Christmas, I had some spare time, decided to give pwnable.tw another try and began solving challenge #6: You can connect to a service using nc chall.pwnable.tw 10101. The service binary dubblesort and its libc are available for download. Your goal is to send malicious input and spawn a shell. So, let’s connect to […]
Writeup for Pwnable.tw #4
Introduction The last reversing CTF was so much fun that I started directly with the next challenge. For me, it was a very hard one and it took me several weeks (although I recognized, after reading other people's solutions, that my approach was far too complex ;). Nevertheless, it is still interesting and I want to describe the […]
Writeup for Pwnable.tw #3
Introduction At our last hackathon, Malfunction, Scotch and I tried to beat several CTFs. This article sums up the results of challenge #3 on pwnable.tw. The basic settings are: A calculator service runs on chall.pwnable.tw, port 10100. The corresponding calc binary can be downloaded for analysis. Send malicious input to the calculator to spawn a […]
Codebuild, Gitlab and Submodules
We like the serverless components of Amazon's AWS. One of its interesting features is a build environment which consists of CodeCommit, CodeBuild and CodePipeline. CodeCommit allows you to create Git repositories, CodeBuild executes the build process and CodePipeline is a continuous delivery service. We want to use them to create a custom build server and […]
Genesis2Amiga Gamepad Adapter
We love retro computing. The Commodore Amiga in particular is a great device with lots of games. Each of them can be enjoyed on an emulator, but I prefer real hardware. Unfortunately, 30-year-old joysticks tend to malfunction. Furthermore, it is more comfortable to use a gamepad. Therefore, I was searching for a new gamepad which […]
Xtext and Domain Specific Languages
Yesterday, we gave a presentation at Cologne Intelligence about domain specific languages (DSL) in software projects. The basic idea is: Instead of writing the whole Java source code manually, parts of the project are implemented with a DSL and automatically transformed into a destination language. This article sums up the results. Using a DSL has […]
Buying an Amiga in 2017
We (like many others) grew up with Commodore personal computers and still love their devices. The Amiga in particular, with its advanced graphics capabilities, was ahead of its time. Even nowadays, it is still fun to write code and play games. Therefore, we published an article at the nullsecurity platform which describes what has to be […]
Sega Mega Drive 2 Region Free Mod
Introduction I like playing retro games on my old consoles. Unfortunately, some of them have region locks. E.g. my Mega Drive 2 is locked to 50Hz and cannot switch to 60Hz. This leads to several disadvantages: Some US games will not run on my European device. On 50Hz devices, games run 15% slower due […]
Microsoft x64 Calling Convention with FASM
Introduction At the moment, I am working on a new Hyperion version with 64 bit support. The decryption stub of Hyperion is written using the flat assembler for 32 bit platforms. Therefore, the whole code needs to be ported. And this is where the fun begins ;). Two major aspects of the x86-64 architecture are […]
Atari (Lightgun) Homebrews
Introduction My first gaming console was an Atari 2600 Junior. Although it is not very powerful, I loved the device. When I became older, it was replaced by a Nintendo Entertainment System, SNES, etc. Decades later, I bought my first modem and entered the internet. I also remembered my old Atari 2600 and looked for […]