corCTF 2024: trojan-turtles writeup
https://zolutal.github.io/corctf-trojan-turtles/
Published: July 28, 2024 00:00
This year I played corCTF with Shellphish, and we did pretty well – placing 6th! I worked on two challenges: ‘trojan-turtles’ and ‘its-just-a-dos-bug-bro’. In the end we solved both of them, and both only had two solves by the end.
ASLRn’t: How memory alignment broke library ASLR
https://zolutal.github.io/aslrnt/
Published: January 8, 2024 00:00
As it turns out, on recent Ubuntu, Arch, Fedora, and likely other distros’ releases, with kernel versions >=5.18, library ASLR is literally broken for 32-bit libraries of at least 2MB in size, on certain filesystems. Also, ASLR’s entropy on 64-bit…
Understanding x86_64 Paging
https://zolutal.github.io/understanding-paging/
Published: December 27, 2023 00:00
I’ve spent quite a lot of time messing with x86_64 page tables. Understanding address translation is not easy, and when I started learning about it I felt like a lot of the material out there on how it works was hard for me to wrap my head around. So in…
corCTF 2023: sysruption writeup
https://zolutal.github.io/corctf-sysruption/
Published: July 30, 2023 00:00
I played corCTF this weekend and managed to solve two pretty tough challenges. This will be a writeup for the first of those two, sysruption, which I managed to get first-blood on!
Understanding Memory Deduplication Attacks
https://zolutal.github.io/dedup-attacks/
Published: June 17, 2023 00:00
I recently came across a bunch of research describing attacks on memory deduplication. It has been used to fingerprint systems[1], crack (K)ASLR[2,3,4], leak database records[4], and even exploit rowhammer[5]. It’s a really cool class of attacks that I…