Articles

An article was published on wololo.net about my development work done for a homebrew application on the Playstation Vita, called Vita Doom.

Hacking & Security Tools

• PS4 Libkernel IDAPro Plugin - This was my first IDAPython script (IDAPro plugin). I created this plugin to assist with reverse engineering the PS4 libkernel shared library. Since the PS4 kernel is not open-source nor is it explicitly supported, IDA Pro is unable to automatically resolve the syscalls in the assembly with specific functions in the kernel. This plugin provides support for this by detecting functions that act as wrappers to syscalls and renaming the function to match a syscall already reverse-engineered and documented by the community.
• Perl Deobfuscator - I had discovered some malware in the wild that was written in Perl. However, the Perl script was obfuscated, so I wrote a custom tool to assist in deobfuscating the malware.
• PDFStego - I have created my own steganography tool that can be used to embed hidden messages or files into *.pdf files.
• Kali Linux for Raspbery Pi - I have taken the project NexMon and integrated it directly into the Kali Linux build scripts for Raspberry Pi, allowing for built in Monitor Mode support for the Broadcom Wifi chip supplied with Raspberry Pi 3.
• Wagonhacker - This is an Android application I have created for interacting with the Defcon DC503 badge and BSidesPDX badge.
• Contribution to ROPgadget - ROPgadget is a popular tool for automatically parsing binary files and providing a list of gadgets that can be used to create a ROPchain. When working on a Capture The Flag competition, I ran into an issue where the binary had many gadgets available, however the gadgets couldn’t contain any non-ASCII characters. So I decided it would be best to modify the tool to add support for skipping gadgets that did not fit the requirements for my exploit. Once the CTF had ended, I opened a Pull-Request and my changes were quickly merged upstream.
• Contribution to Ropper - Similar to ROPgadget, Ropper is another tool for automatically finding gadgets useful for building ROPchains. I had discovered a bug that caused the application to crash. I promptly fixed the typo and shared the fix upstream.
• Xposed Module for Wire - Private Messenger - The Wire Messenger is a chat application that I use for communicating with my CTF team as well as a very large chat-room of local hackers. The Wire application had a couple of bugs that made it very frustrating to use. So rather than wait for the developers to fix the bug, I decided to use the Xposed Framework for Android to inject custom code to fix these bugs.

Capture The Flag Writeups

You can find writeups for some of the CTF challenges that I have solved on my CTF team’s website.

Here are some of my favorite write-ups:

• x86 Reverse Engineering
• String Format Bug with Ret-2-libc Exploit
• USB Forensics Analysis

Other Open Source Contributions

• Contribution to LineageOS (formerly CyanogenMod) - LineageOS/CyanogenMod is a community-developed custom rom for a variety of Android phones. I have made a couple of contributions, specifically for the HTC M8 phone, that have been accepted/merged.
• Contribution to Yocto Linux layer for CHIP SBC (ref#1, ref#2) - I have provided some contributions to the Yocto Linux meta-layer for the CHIP $5 computer. This project enables the ability to use the Yocto Linux Project to build a bare-bones Linux distro for the CHIP SBC.