1. What did you do this past week? This week was the first week of full online class. It was very weird. I have not been able to focus on lectures. In conversations with my friends it seems that no one has been able to focus when listening to Zoom lectures. 2. What’s in your way? I have to catch up on a bunch of lectures. I also have to catch up on our Software engineering project. …
Challenges Capture the Flags CTF Time Cryptology crypto pals Exploitation hack the box pwnable.kr exploit.education Reverse Engineering microcorruption Flare On Crackmes.one Penetration Testing Hack The Box Resources Pwn Binary Exploitation Live Overflow Reverse Engineering Malware Analysis open rce malware unicorn malware tech Youtubers Live Overflow Ghidra Ninja IppSec IppSec focuses primarily on penetration testing Tools Dissassemblers Ida BinaryNinja Hopper Rader2 Ghidra Debuggers Gef: a GDB plugin for reverse engineering Pwntools: A python CTF and exploit development library
1. Are you and your family safe and sound where you are? Me as well as a few members of my family have been feeling sick lately. Also my mom is immunocompromised so I’m worried for her. 2. How do you feel about your ability to finish the term completely online? I’m worried, I had trouble focusing when I took online classes last semester. My work environment at home also isn’t ideal so it’s going to be extra difficult to focus. …
Competing at the Collegiate Penetration Testing Competition was a great opportunity to experience realistic security work. UT placed second in the North East Regionals. I was responsible for working on the windows boxes. Finding an anonymous FTP server gave me access to windows back-ups. From these back-ups, I was able to extract ssh keys. The FTP server allowed the use of the PORT command, which allowed me to perform an FTP bounce attack. …
Micorruption is a series of reverse engineering challenges. In each stage you disable a lock by reverse engineering it. Here’s how I approached each stage of the challenge. Johannesburg This stage is an extension of the Cusco stage. The overview states: - A firmware update rejects passwords which are too long. - This lock is attached the the LockIT Pro HSM-1. Since the password verification occurs on the hardware module, we have to find another way to exploit it. …
1. What did you do this past week? This past week was a lot of midterms for me, so I mostly worked on getting through them. We implemented interprocess communication and remote procedure calls in multicore this week too. I enjoyed implementing IPC because we got to design the protocol for packing and unpacking arguments. We also decided how to implement synchronization. 2. What’s in your way? I have a few projects to work on over the break, but I’m mostly looking forward to relaxing. …
1. What did you do this past week? Last week, I turned in the Collatz assignment, I finished my multicore project and I took a linear algebra exam. It was pretty busy academically so I didn’t have a lot of free time. I’ve started getting into meal prepping which has been fun. 2. What’s in your way? Not much, I just have to start working on things. 3. What will you do next week? …
1. What did you this past week? This past week, I worked on my linear algebra homework. I also saw the prescreening of the DC Comics Birds of Prey movie which I enjoyed. This weekend I’ve mostly been working on our capabilities implementation for my multicore operating systems class. Capabilities are a way of allowing access to contiguous memory regions and other resources at the process level. Which allows for finer-grained permission schemes. …
1. What did you do last week? I finished milestone 0 for my multicore operating systems class. All we had to do was blink an led on the circuit board but it took a while to get used to low-level programming and reading manuals. I also started to look at the collatz project for this course. 2. What’s in your way? I’m trying to better understand the requirements for this class. …
1. Purpose of this post This is my first post as part of a series for CS373 Software Engineering with Professor Glenn Downing. This is an introduction to me and my web development experience. 2. Why are you taking Software Engineering? I signed up for software engineering because it has a strong reputation among UT students. I also wanted to work on my ability to build software as a team. …