Date: March 10, 2022
This 2-part blogpost will describe how I got introduced to the concept of fuzing network-based programs(i.e: Redis server and Apache httpd) while demonstrati...
Read more ·
21 min read
Date: November 1, 2021
This blogpost covers compiling & debugging Apache. It is not suggesting to replace the existing documentation, but rather give a practical examples and o...
Read more ·
6 min read
Date: October 31, 2021
October 2021 was a wild ride for the Apache httpd maintainers, and quite an earthquake for the infosec community. Below is my analysis for CVE-2021-41773 and...
Read more ·
11 min read
Date: October 1, 2021
vuln-storage (499 pts)
A Heap exploitation challenge.
We were given a target binary which:
Has all protections enabled(NX/Canary/Full RELRO/PIE)
Perfor...
Read more ·
8 min read
Date: September 19, 2021
This year, I had the honour to write some challenges for the BSidesTLV conference :^)
I wrote two challenges: ‘Rainy Redis‘(Pwn) and ‘Speed Trivia‘(Web), be...
Read more ·
11 min read