back

ramblings



2018


July 20, 2018

Using the Python C API to Interface CPUID Interactions

=======

I recently had to implement an application that completes preemptive low-level system checks, such as ensuring that the CPU microarchitecture is correct before execution. This is done through the CPUID opcode instruction (not the software for benchmarking, but does some similar aspects), which provides processor details and features. However, the application was written in Python, and when I talk about low-level stuff, its obviously going to be with C and Assembly. So today, let’s take a look at how we can interface CPUID through C inline assembly, such that we are able to information back to our high-level Python application.

...

June 16, 2018

System Call Hijacking Using LKMs

=======

System call hijacking is an interesting low-level way for the hacker / penetration tester to really gain system privileges of a system, and deploying rootkits for faster and intrusive-less privilege mitigation. Today, let’s take a look at how exactly this works by breaking down the anatomy of a system call, and performing an actual hijacking.

...

May 19, 2018

Implementing a First-Fit Memory Allocator in C

=======

A memory allocator is implemented by a program language at a systems-level in order to track the allocation of blocks of data, whether or not they are available for use and should / should not be destroyed. In C, this is the through the functionality of malloc and free.

Let’s actually implement a memory allocator for C based on the popular first-fit linked-list-based model.

...

March 30, 2018

Thoughts on a Password Manager Implementation

=======

After getting much more into distributed systems and blockchains, I wondered about how we can build a new password management system for the modern user, with a focus on security, portability, scalability, and integrity.

...

February 17, 2018

First Class Functions in C

=======

Working with pthreads, I started to ponder whether or not the C Programming Language actually implements first-class functions to some extent. Well the answer? Not really. But sort of. How? Pointers, of course!

...

January 06, 2018

Shifting Gears

=======

It’s time to talk about my expectations for the New Year’s. 2017 has been a great year for me, and I’ve learned so much. However, with more inspiration and motivation plus an organized mindset, I bet that I can learn so much more, and help others around me do the same.

...

2017


November 03, 2017

Build Your Own Linux Distro

=======

I’ll be talking about my experience in building my own Linux-based distribution, imperium. imperium is based on the 64-bit Debian 9.x (stretch) distribution, as it still relies on its repositories for package management.

...

August 23, 2017

The Importance of Strong Type Systems

=======

Recently, I saw this Computerphile video about the comparison between HTML and C. Professor Brailsford, the speaker mentions that HTML is more tolerant than C,

...

June 10, 2017

Parametric Polymorphism in Programming

=======

Parametric polymorphism is one of the key programming paradigms that I’ve realized is in every expressive, yet powerful programming languages. It is the ability for a language to be able to create data types and structures such that they are able to handle data generically.

...

May 14, 2017

Privilege Escalation in Windows

=======

Dusting off msfconsole and the Metasploit framework itself, it was time for me to get back on my feet with penetration testing.

...

April 15, 2017

Dynamic Memory and Pointers in C

=======

If you are like me, you love to throw pointer lexicons throughout your code hoping to make all those compiler warnings go away. I mean, you might understand what pointers are, but you don’t really understand them.

...

April 08, 2017

Python for Security

=======

Python is one of the greatest programming languages for hackers. Not because of its easiness actually, but it is beginner-friendly and fast to deploy. One of the best thing about the language is the resemblance to that of a natural language, sharing syntactical and semantical rules that very much look like English.

...