21 October 2018

Reading / Status, 21 Oct 18

Still alive.

Haven't been CTFing much lately; played CSAW and solved a couple of things.  Had planned to do writeups but didn't get to it and now they're out of cache.  Was excited about hack.lu but it was during business travel.  I guess I could be playing HITCON right now but I got home late last night from travel and have been reassembling my life.  My hard drive died and I had to replace it with an SSD while I was on the road, and I haven't pulled my CTF tooling off of my backup yet.  On the upside, SSDs are fast!  I had no idea what I was missing out on.

Haven't been reading much lately either for that matter, but such as I have been:

Moving AFL's coverage instrumentation into the generated TCG code in order to re-enable the translation-block linking optimization.  Good stuff.

Some of the documentation for kAFL.  I know jack about kernel bugfinding or exploitation; I should fix that.  I guess I did read part of this Project Zero writeup of a kernel bug lately, but at some point they lost me.

Bunch of libFuzzer and LLVM docs.

Read a bit of this gitbook on heap exploitation a while back; I should finish it.  Did get the exploit I was working on to work though, so that was cool.

This really good Stack Overflow answer on all the C runtime stuff that gets linked in automatically by the link driver, but that you need to include yourself if you're doing weird manual linking tricks.

Python IntervalTree documentation; I'd used these a couple of years ago but it was good to refresh on.

Python mmap documentation; I hadn't seen this before but came across some code that was using it.  Nice trick, looks performant.

A coworker recommended this book on debugging to me recently; haven't decided whether I'm going to read it yet or not.  On the one hand, it looks promising, but on the other, if it's actually nine rules and a bunch of examples, maybe I could do without all the examples.  Might see if I can get my employer to buy a copy for the office.

Re-read the Hovamol on the plane, and part of the Bhagavad Gita (good enough for Oppenheimer, good enough for me).
