12 Dec 2023
To get a better grasp of how QEMU (an open-source hypervisor) internals work for a research project, I decided to upsolve cloudinspect from Hack.lu 2021.

The challenge is simple in concept: an out-of-bounds write and read on the hypervisor heap, caused by a custom PCI device.

04 Mar 2023
Happy new year! Recently DiceGang placed second in HackTM qualifiers, meaning we are invited to the finals in Romania in May. I worked on and solved two challenges, cs2100 (RISC emulator pwn) and dragon-slayer (blockchain). I wrote these up with clubby and AdnanSlef for required verification anyway, so here they are.

24 Nov 2022
Given two \(n \times n\) upper triangular matrices \(A\) and \(B\), I show that \(A * B\) is also upper triangular without using induction.

## Proof

For matrix \(A\) to be upper triangular, \(A_{ij} = 0\) for \(i > j\) by definition. Similarly, this is also required of \(B\). We want to show that \(A * B\) also has this property.

First, let's rewrite this property as \(A_{ij} = 0\) for \(i \geq j + 1\), as both \(i\) and \(j\) are integers (it does not make sense to have a non-integer entry in a matrix, at least as far as I know).

Rearranging \(i \geq j+1\), we get:

\[i - 1 - j \geq 0\]
\[i - 1 - j + n \geq n\]
\[(i - 1) + (n - j) \geq n\]

This will be true for any entry in \(AB_{ij}\) whenever \({i \geq j+1}\), which are precisely the entries we want to check are zero!

22 Sep 2022
In this post, I note a method to run any binary on a device without needing to use `chmod` or any other program to make the binary executable.

06 Aug 2022
For my IoT security research project at UMD's Breakerspace, I recently needed to compile a custom binary to run on smart devices for experimentation. Previous experimental setups (not designed by me) used a series of Bash scripts, but I discovered they were barely reaching the device max capacities.

Many IoT devices run embedded architectures like ARM or MIPS(EL), not x86. So I needed to cross-compile my C code to run on the right architectures. I thought I was clever for managing to install `gcc-<arch>-linux-gnu` on Ubuntu.

Until I tested my code on one particular MIPS device, which gave me a `FATAL: kernel too old`. What?

`uname -r` returned the kernel version as `2.6.36+`. This kernel version was released in 2010 - talk about an ancient kernel! For reference, the current one is like `5.19`. So, I set about trying to compile to target this kernel version for MIPS.

4 days and 8+ builds of binutils / GCC / glibc later, I decided nobody else should ever go through the same headaches I went through to compile just a hundred lines of C.