My Blog

This is my very infrequently updated blog.

Duke on FluidSynth

Posted on Sat, 13 Jan 2018.

My first experiences with Duke Nukem 3D were with EDuke32 ages ago. This was back when I was running Windows Vista, and while my memory is a bit lacking, I swear that I had working music then. Ever since I made the switch to Linux, I haven't had working music playback in EDuke. Frustrated at the fact that my past few years of Duke 3D have been devoid of all sound besides the scre... (read on)

Bad BEHAVIOR

Posted on Thu, 4 Jan 2018.

TL;DR, I discovered a stack-smashing vulnerability in GZDoom's interpreter for ACS. As a preface, there's a tendency for whitepapers like this in the security community to be written with a somewhat condescending tone towards the product's vendor. I do not mean for any portion of this writeup to come off as degrading to the developers involved. Yes, the bug was obvious to me... (read on)

BackdoorCTF 2017: FUNSIGNALS

Posted on Sat, 24 Sep 2017.

"funsignals" was a 250 point binary exploitation challenge with 58 solves. The challenge itself was a very trivial example of sigreturn-oriented programming.

Sigreturn-oriented programming is a means of getting values into certain registers without having to use ROP gadgets that pop values from the stack. It's a technique that relies on how UNIX-like operating systems impl... (read on)

Understand Game Hacking in One Post

Posted on Tue, 5 Sep 2017.

At first glance, it might seem that game cheats like AimTux are something that could only be conjured by the most talented of reverse engineers. That was at least my initial view on it, especially since I always saw these game hackers using outlandish terms that I hadn't heard in over a year of playing in CTFs. Don't be fo... (read on)

Analyzing Executable Size, part 0 - A Small, Proof-of-Concept Loader

Posted on Mon, 31 Jul 2017.

It seems that static linking is back in style, or at least popular among all the hip new programming languages of today. I don't have anything against statically linked binaries, nor do I have a problem with larger executables, but I've noticed that the acceptable size for an executable is a lot larger now than it was a few years ago; that is, the new kids on the block have signi... (read on)

Making Your Own Music Player: A Gentle Introduction to Audio Programming

Posted on Sat, 15 Jul 2017.

To start off, I'd like to say that I know very little about audio programming and digital audio in general. I've never formally studied signal processing, and hell, I haven't even started high school physics yet. This post merely documents what I've learned while trying to get sound working in my game, because there aren't really any other learning resources about this out there.... (read on)

Reverse Engineering Babby's First Archive Format

Posted on Thu, 2 Mar 2017.

About two months have passed since the first release of Nekopack - a tool I wrote for extracting game data from Nekopara's XP3 archives. While the process wasn't an amazing reverse-engineering war story that will keep you on the edge of your seat, I feel it deserves a small blog post explaining how I did it. Additionally, there's no real documentation on the XP3 format as far as ... (read on)

SDL Tutorial Part 0x00 - Boilerplate, Windowing and Rendering

Posted on Sun, 14 Aug 2016.

This is one of my older tutorials and follows a style unlike my current one. I also no longer hold the same claims I made about the SDL documentation that I originally made in this article. I think it's perfectly fine, you just need to spend some time looking around because it's not organized like other documentation is. For that reason, I have no plans to continue this tutorial ... (read on)