Developmen

Advent of Code

alt text

Every year, in December, Eric Wastl organizes Advent of Code, an Advent calendar of programming puzzles of increasing difficulty that are super useful to learn a new language, brush your skills, or just for fun.

I have participated to the following years:

  • 2021
  • 2022

You can find my solutions in their git repository

Mojiharau (文字祓う)

A mojibake’d zip files fixer written in Rust. I sometimes encounter files with wrong encoding and they inflate to files with garbage filenames. Since the tool I found, Mojibake Fixer, does what I needed but only through web pages, I decided to reimlement it as a CLI application, allowing me to script it.

You can find it in its git repository

Ghidra-dark

I started using Ghidra as part of my capture-the-flag/reverse-engineering set of tools and I was annoyed by the lack of a dark theme. After searching the web I came across a Dark theme injector, that changed the theme, but not really in a way I liked. That’s wny I forked it and updated its implementation to use RGBA codes to configure colors and use FlatLaf’s IntelliJ themes.

You can find the code in its git repository

Microcorruption

I have been doing coding challenges for a long time, but during 2022 I started diving into the capture-the-flag/reverse-engineering challenges, as I have always been interested in reverse-engineering, and I was suggested to start with Microcorruption. The site presents increasingly complex implementations of a “smart” lock based on a TI MSP430 microcontroller and the user is asked to find a way to unlock the lock without knowing the password.

These challenges forced me to learn from direct experience how multiple low-level attacks work and how to use them.

I am currently at level “Novosibirsk”.

RustyProbe

While tackling the challenges in Microcorruption I came across a problem that required me to disassemble some binary code that was “generated” at runtime. After trying Microcorruption’s integrated disassembler (and due to an error in its use, I found later) I started looking for a local disassembler that helped me read MSP430 binary code.

After finding multiple applications that I couldn’t run or had other issues I decided to implement an MSP430 disassembler in Rust, called RustyProbe.

It was a fun experience, really!

pwn.college

As I found out that I needed more skills for capture-the-flag challenges than just assembly reverse-engineering I looked for that type of challenges for beginners and came across pwn.college, a college course by the Arizona State University dressed up like multiple capture-the-flag challenges.

pwn.college taught me about privilege escalation, jailbreaking, developing in assembly (e.g. a multithreaded web server), network interception, and much more.

Over the wire

Over the Wire is a collection of “Wargames” of increasing difficulty that require multiple different skills in security engineering to solve.

It’s a cool project handled by the community and, if I understood correctly, has a long history.