mw casual engineering

Sun Jan 26 2025

TODO ./configure --prefix=$HOME/qemu-build --sysconfdir=$HOME/qemu-build/etc --libexecdir=$HOME/qemu-build/usr/lib/qemu --localstatedir=$HOME/qemu-build/var --disable-bpf --disable-bsd-user --disable-capstone --disable-docs --disable-fdt --disable-gcrypt --disable-glusterfs --disable-gnutls --disable-gtk...

A five-panel comic featuring the Linux mascot Tux with a bandage placed above it, and a box with a question-mark.

Panel 1: The box says “Am I being traced??” and Linux says “No trust me.”
Panel 2: The box says “Ok now guess the number”.
Panel 3: Linux says “1” and the box says “lol no, now get lost”.
Panel 4: The background has 2 clocks in random rotation and shear, and also has some lines which says “ick_revert_proc: Restoring CoW'd page at 0x00000000005cxxxx”, and the box is wrapped in a squiggly blue circle, and is itself distorted.
Panel 5: The box thinks “(hmm what was that must have been the wind)” and Linux says “jk i mean 2”.

Using the Linux kernel to help me crack an executable quickly

Linux systems programming reverse engineering memory management deep dives

Wed Jan 01 2025

A few weeks ago I found a reverse engineering problem which basically boiled down to running a heavily obfuscated Linux binary and entering the correct number to get it to print a flag. Fortunately, the interesting bits of the program ran quite fast – after reading the input, it spends around 5us before printing out whether the guess was correct or not. This means that even a brute-force search of the possible inputs could finish in a reasonable time, and there is no need to expend much effort on actual reverse engineering if we don't have to. The only tricky part is, how do we convince it to try different inputs as fast as this?