The Solfa Cipher (NSEC17 Write-Up)

NSecl logo

The Solfa Cipher Between May 19th and 21st, 2017, I’ve participated in┬áthe NSEC 17 Capture-the-Flag (CtF) event held annually in Montreal, QC. As usual, the team and I had a blast spending days and nights solving challenges and drinking free beer. Among the challenges was a two-part cryptographic puzzle printed on the first and last […]

Software Exploit Development – Fuzzing with AFL

Software exploit development with afl, peda and pwntools

It’s quite impressive to look back in the past to the early days of software vulnerabilities and observe the ongoing dance between new mitigation and new exploitation techniques. Powerful fuzzing tools are now commonplace and operated on a daily basis by IT corporations and security labs; either to find crashes in their software or others’ […]

Reversing the Trendnet TS-402

Reverse Engineering of the Firmware of the Trendnet NFS

The Trendnet TS-S402 is a discontinued network storage enclosure that was sold to individuals for personal data storage. Like every Internet-of-Things (IoT) device, it runs on software programmed and/or configured by the manufacturer before shipping it to the end-user, i.e. the firmware. Firmware versions 2.00.10 and below of this particular device have a serious vulnerability allowing remote […]