My Blog

And this is my blog. When I do occasionally get off of my ass to write something, it's typically very technical and related to something that I've been working on. I have a basic tagging system, but haven't been bothered to write any sort of statistical rankings, so here's a few cherry-picked ones: tutorial, writeup, programming, and security.

If you use a feed reader, there's an RSS stream available here.

Decompilation By Hand

Posted on Thu, 1 Mar 2018.

My capture-the-flag team played in the Insomni'hack teaser this year. During the competition, I worked on a single challenge titled "sapeloshop." It was labeled as "Medium-Hard," and it was in the binary exploitation category. The source code for the server wasn't provided, so reverse engineering was necessary. I don't think that having to reverse the binary was supposed to be th... (read on)

Duke on FluidSynth

Posted on Sat, 13 Jan 2018.

My first experiences with Duke Nukem 3D were with EDuke32 ages ago. This was back when I was running Windows Vista, and while my memory is a bit lacking, I swear that I had working music then. Ever since I made the switch to Linux, I haven't had working music playback in EDuke. Frustrated at the fact that my past few years of Duke 3D have been devoid of all sound besides the scre... (read on)

Bad BEHAVIOR

Posted on Thu, 4 Jan 2018.

TL;DR, I discovered a stack-smashing vulnerability in GZDoom's interpreter for ACS. As a preface, there's a tendency for whitepapers like this in the security community to be written with a somewhat condescending tone towards the product's vendor. I do not mean for any portion of this writeup to come off as degrading to the developers involved. Yes, the bug was obvious to me<... (read on)