πŸ’»πŸ“‘πŸ›°οΈ IooNag

@[email protected]
65 Followers
110 Following
27 Posts
Twitterhttps://twitter.com/IooNag
πŸ’»πŸ“‘πŸ›°οΈ IooNagJan 21
Last December I solved Synacktiv's 2025 Winter Challenge: Quinindrome https://www.synacktiv.com/en/publications/2025-winter-challenge-quinindrome . Here is a 81-byte Linux program which is both a quine (it prints itself when executed) and a palindrome (it is symmetrical)! To learn how I achieved it: https://github.com/fishilico/synacktiv-winter-chall-2025-quinindrome/blob/main/writeup.md
πŸ’»πŸ“‘πŸ›°οΈ IooNagJan 7
libsodium 1.0.21 was released yesterday πŸŽ‰ https://github.com/jedisct1/libsodium/releases/tag/1.0.21-RELEASE
It fixes a small issue I found, showing how hard it is to write C code: https://github.com/jedisct1/libsodium/issues/1375 (fixed by https://github.com/jedisct1/libsodium/commit/704e97fdf5a56a288217a514b09e233e96de28e0 and https://github.com/jedisct1/libsodium/commit/f703a3193500396a075ec6bb79c99d4fbe035fac )
πŸ’»πŸ“‘πŸ›°οΈ IooNagSep 18, 2025
This summer Synacktiv organized an interesting challenge: the aim was to craft a container image as small as possible which replicated itself (i.e. an OCI Image Quine).
I am now publishing a write-up of what I did: https://github.com/fishilico/synacktiv-summer-chall-2025-ocinception/blob/main/writeup.md
synacktiv-summer-chall-2025-ocinception/writeup.md at main Β· fishilico/synacktiv-summer-chall-2025-ocinception

Solution for Synacktiv's 2025 Summer Challenge: OCInception - fishilico/synacktiv-summer-chall-2025-ocinception

GitHub
πŸ’»πŸ“‘πŸ›°οΈ IooNagDec 17, 2024

DevOps practices are all well and good, but beware of the configuration of the tools that access your production.

I've written a blog post sharing some dangerous ways Argo CD can be configured, detailing the security impact: https://ledger.com/argo-cd-security-misconfiguration-adventures

#argocd #security #devops #devsecops

Argo CD Security Misconfiguration Adventures | Ledger

Despite such a strong security posture, Argo CD can be configured in ways creating vulnerabilities. This article studies on two examples where Argo CD is deployed in a way which unexpectedly enabled privilege escalation and authentication bypass.

Ledger
Show threadπŸ’»πŸ“‘πŸ›°οΈ IooNagSep 17, 2024

Here is how I solved all the challenges of the @grehackconf CTF teaser, using Python and Z3: https://gist.github.com/fishilico/0b69a267b73111860fe5ac668a94df2e

#ctf #writeups #GreHack24

GreHack 2024 Prechallenge/CTF Teaser

GreHack 2024 Prechallenge/CTF Teaser. GitHub Gist: instantly share code, notes, and snippets.

Gist
πŸ’»πŸ“‘πŸ›°οΈ IooNagAug 5, 2024
I've just finished the CTF teaser from @grehackconf and it was fun πŸ˜€ (https://x.com/GrehackConf/status/1819282540965875995). A little bit of "guessing" in some challenges like `Remote AES`, but it was still fun to play.
GreHack (@GrehackConf) on X

Folks.... It's time for... PRECHALLS! In addition to #GreHack24 tickets, this year we have three other incredible prizes thanks to our partner @offsectraining 🀩 So hurry up! ⌨️

X (formerly Twitter)
πŸ’»πŸ“‘πŸ›°οΈ IooNagMay 30, 2024
While assessing libsodium latest release, I found a C undefined behavior in its ed25519 implementation... which was fixed less than 2 hours after filling the bug report! Kudos to libsodium's maintainer 😍 https://github.com/jedisct1/libsodium/issues/1376
Several calls to `fe25519_abs` trigger `memcpy` undefined behavior Β· Issue #1376 Β· jedisct1/libsodium

Hello, In current git master, several functions are calling function fe25519_abs with twice the same pointer. For example: ristretto255_sqrt_ratio_m1: libsodium/src/libsodium/crypto_core/ed25519/re...

GitHub
πŸ’»πŸ“‘πŸ›°οΈ IooNagMar 27, 2024
Thorsten Leemhuis (acct. 1/4)Mar 26, 2024

#FlippingPages: An analysis of a new #Linux vulnerability in nf_tables and hardened exploitation techniques

https://pwning.tech/nftables/ – CVE-2024-1086

A tale about exploiting KernelCTF Mitigation, Debian, and Ubuntu instances with a double-free in nf_tables in the #Linuxkernel, using novel techniques like Dirty Pagedirectory. All without even having to recompile the exploit for different #kernel targets once.

Fix: https://kernel.dance/#f342de4e2f33e0e39165d8639387aa6c19dff660

Local privilege escalation POC: https://github.com/Notselwyn/CVE-2024-1086

Flipping Pages: An analysis of a new Linux vulnerability in nf_tables and hardened exploitation techniques

A tale about exploiting KernelCTF Mitigation, Debian, and Ubuntu instances with a double-free in nf_tables in the Linux kernel, using novel techniques like Dirty Pagedirectory. All without even having to recompile the exploit for different kernel targets once.

Pwning Tech
πŸ’»πŸ“‘πŸ›°οΈ IooNagJan 29, 2024
Yesterday, I found a minor regression in the way Z3's Python bindings were packages in Alpine Linux. Today, the bug is fixed and `apk add py3-z3` works again in CI/CD relying on Alpine Linux containers πŸ€©β€‹ Many thanks to the amazing maintainers!
https://gitlab.alpinelinux.org/alpine/aports/-/issues/15727
py3-z3 is missing dependency py3-importlib-resources on Alpine 3.19 (#15727) Β· Issues Β· alpine / aports Β· GitLab

Hello, In an Alpine Linux 3.19 containers, installing py3-z3 works fine but running import z3 in Python fails with: ModuleNotFoundError: No module named 'importlib_resources'. Installing py3-importlib-resources...

GitLab
πŸ’»πŸ“‘πŸ›°οΈ IooNagJun 23, 2023
RaphaΓ«l RigoJun 22, 2023
Introducing cpu_rec_rs: determining the CPU architecture of a binary
https://github.com/trou/cpu_rec_rs/
A Rust reimplementation of the original cpu_rec, way faster and easier to use.
GitHub - trou/cpu_rec_rs: Determine which CPU architecture is used in a binary file.

Determine which CPU architecture is used in a binary file. - GitHub - trou/cpu_rec_rs: Determine which CPU architecture is used in a binary file.

GitHub