The Art of the Bodge


Back before I started uni, I was at the wrong end of the country. I had to drive from Mount Isa to Tasmania.

I decided I wanted to show where I was each day to whoever was reading my website.

Now I had a problem. I was at the time using a basic Nokia 3315 which had Snake, but no internet to speak of. It was at this point that I applied my favourite development tools of the time to the problem. I was doing a bunch of basic PHP and was playing around with the GD graphics libraries.

I may not have had data, but I did have SMS and a basic Navman GPS. I first grabbed a bunch of KML files from Google Maps which described my route and the outline of the states, which I used to write a basic mapping system in PHP + GD. I then hooked this up, using the POP email libraries in PHP, to an email inbox, and used a free SMS-to-email gateway on my phone.

As we went I would grab the coordinates of my GPS, SMS them to my site and the red dot would follow the path… That was the plan anyway. The system worked fine; however, weather intervened and forced me to head west and south rather than to the east as was originally planned, so the dot wandered off the path that was originally drawn.

For years my Aunty had a copy of this image with the red dot wandering out west on her fridge, with the caption beneath it, “Geeks, they can’t follow a simple map!”

And that is the art of the bodge…

 

x86 Wizardry

5 days ago, Chris Domas's presentation for Black Hat USA 2017 was released. He has developed a toolkit called Sandsifter, which allows the discovery of undocumented processor instructions. These can be used for new research into hardware bugs and new exploit and privilege escalation methods, just to scratch the surface.

Chris came onto my radar a couple of years ago when I came across his talk on the “M/o/Vfuscator”. He had come across a white paper describing the x86 MOV opcode as Turing complete. From this white paper, he developed a compiler which could compile C to a series of MOV instructions, with the goal of frustrating reverse-engineering efforts.

In the same year as the M/o/Vfuscator talk, Chris also presented on the REpsych framework, which uses psychological-warfare-inspired methods to discourage reverse engineers, and on a Memory Sinkhole attack to achieve System Firmware/Ring -2 System Management Mode code execution on the x86 platform.

Chris has an easy presentation style and his talks are some of the clearest I have had the opportunity to watch regarding assembly-level vulnerabilities.

For those not familiar with x86 assembly, a primer may be advisable before tackling these videos. Justin Steven’s dostackbufferoverflowgood tutorial at https://github.com/justinsteven/dostackbufferoverflowgood is a good source for anyone who has not delved into the world of machine code or stack-based buffer overflows.