biazo

CVE-2019-2215 Bad Binder Writeup

Overview: Bad Binder (CVE-2019-2215) is a UaF in Binder (Android IPC) and epoll (Async IO). This blog will go over why there is a use-after-free (UaF) and how we can use the UaF to achieve arbitrary read...

srsRan 4G Setup

Hardware BladeRfMicro A4 sysmocom sim Card reader Omnikey CardMan or MCR3512 Software Ubuntu 22.04 VMware Workstation Install Ubuntu in VMware change usb setting USB Compatibili...

Loadable Kernel Modules

Overview: Whether you are fuzzing or looking into certain Linux subsystems, you might need to set up a loadable kernel module if you selected the m option in the kernel config. An example would be somethin...

Visualizing KCOV with syz-cover

Overview: If you have used syzkaller, you have seen that it has a visualizer for kernel coverage. You can actually use syz-cover to do this with any kcov. Syzkaller Coverage Viewer Building syz-cove...

CVE-2020-27786 FUSE UaF

Overview: I was looking for an nday that I can use to learn more about FUSE since the userfaultfd technique is dead in the latest kernel :(. My good friend c0ld21 was porting kiks PoC of CVE-2020-27786 which...

Building Pixel 7 AOSP and Android Kernel

Overview: The purpose of this blog is to build Pixel 7 AOSP and Kernel. This blog will build a userdebug build with hwasan (hardware address sanitizer). You can check the different kinds of build variants here...

LibAFL Tuple List

When you are working with LibAFL you will see tuple_list everywhere. It is a way to do static dispatch in Rust because it doesn’t support variadic generics. You can do static dispatch like below. ...

UMDCTF 2022

Tracestory I am trying to figure out the end of this story, but I am not able to read it. Could you help me figure out what it is? Author: WittsEnd2 0.cloud.chals.io 15148 Summary This...

Using Binary Ninja for Vulnerability Research

Introduction Ever since @cetfor’s video on Auditing system calls for command injection vulnerabilities using Binary Ninja’s HLIL, I have been wanting to learn more about how you can automate disco...