My Blog

And this is my blog. When I do occasionally get off of my ass to write something, it's typically very technical and related to something that I've been working on. I have a basic tagging system, but haven't been bothered to write any sort of statistical rankings, so here's a few cherry-picked ones: tutorial, writeup, programming, and security.

If you use a feed reader, there's an RSS stream available here.

Posts tagged as writeup

Duke on FluidSynth

Posted on Sat, 13 Jan 2018.

My first experiences with Duke Nukem 3D were with EDuke32 ages ago. This was back when I was running Windows Vista, and while my memory is a bit lacking, I swear that I had working music then. Ever since I made the switch to Linux, I haven't had working music playback in EDuke. Frustrated at the fact that my past few years of Duke 3D have been devoid of all sound besides the scre... (read on)


Posted on Thu, 4 Jan 2018.

TL;DR, I discovered a stack-smashing vulnerability in GZDoom's interpreter for ACS. As a preface, there's a tendency for whitepapers like this in the security community to be written with a somewhat condescending tone towards the product's vendor. I do not mean for any portion of this writeup to come off as degrading to the developers involved. Yes, the bug was obvious to me... (read on)

BackdoorCTF 2017: FUNSIGNALS

Posted on Sat, 24 Sep 2017.

"funsignals" was a 250 point binary exploitation challenge with 58 solves. The challenge itself was a very trivial example of sigreturn-oriented programming.

Sigreturn-oriented programming is a means of getting values into certain registers without having to use ROP gadgets that pop values from the stack. It's a technique that relies on how UNIX-like operating systems impl... (read on)

Reverse Engineering Babby's First Archive Format

Posted on Thu, 2 Mar 2017.

About two months have passed since the first release of Nekopack - a tool I wrote for extracting game data from Nekopara's XP3 archives. While the process wasn't an amazing reverse-engineering war story that will keep you on the edge of your seat, I feel it deserves a small blog post explaining how I did it. Additionally, there's no real documentation on the XP3 format as far as ... (read on)