GLaDOS the Kernel Mode Rootkit

Oct 21, 2017

Our CCDC team decided to throw together a “find and remove the virus” lab for all the new recruits to get used to rooting out the red team’s persistence mechanisms. Each of the old team members threw together a small virus to infect a VM for the lab attendees to track down. I decided I wanted to make something super stealthy which would require a lot of Linux knowledge to defeat - enter GLaDOS, the malevolent Linux kernel module.

OverTheWire: Behemoth Writeup

May 21, 2017

I continue my journeys through OverTheWire wargames with the next challenge: Behemoth. This series has similar, simple memory corruption vulnerabilities to exploit, but this time we aren’t given source code. I also touch on some of the tools I commonly use to approach reverse engineering and exploit development for CTF-like challenges.

CCDC Scoring Engine 2.0

Apr 1, 2017

Northeastern University competed in the Northeast Regional Collegiate Cyber Defense Competition a couple of weeks ago and I participated for my fourth year as the team’s captain. One major pain point in the competition in the past has been their ancient scoring engine - an old PHP project that runs on top of a LAMP stack. This year, they unveiled a brand new scoring engine designed around workers that poll from a Redis queue and store results in a backend database using SQLAlchemy, with a front-end web UI written in Flask. While their new engine may be more scalable, there were obvious issues with its implementation in the competition: it was periodically unavailable during competition hours and full of display-layer bugs in the UI. I decided to take a stab at designing my own scoring engine for internal NUCCDC team use to see if I could do any better.

OverTheWire: Narnia Writeup

Feb 20, 2017

I had some extra free time this month with the Lab closing twice due to the snow. I used one of these days to modernize my blog and website and the other, the subject of this post, I spent working through the Narnia wargame. For those of you unfamiliar, OverTheWire hosts a number of “wargames” - series of exploitation challenges that vary in difficulty from “never touched a command line in my life” to “write an exploit for a modern version of gzip”. Narnia is one of the simpler binary exploitation series with only a few levels so I thought I’d try and tackle it on my day off.

Spontaneous Reload Cache

Feb 10, 2017

In microprocessor design, specifically the design of memory systems, there’s often a trade-off between performance and cost. Any second-year computer scientist or computer engineer can tell you about the memory hierarchy and how faster but smaller memory systems effectively act as a cache for larger, cheaper, but slower storage. One big area of research in computer architecture is cache eviction policies - how the cache decides what to replace when it is full and an uncached object is requested. In my computer architecture class, I took a look at a novel last-level cache (LLC) algorithm and put it to the test under realistic workloads. The results weren’t quite what I expected.
