Fairplay encryption created by Apple to protect digial possession rights. Implemented with a custom chip set for encryption and decryption with a hardcoded key. It is still unknown how to extract the key from the hardware.

Dynamic symbols in Mach-O binary are stored in a form of bytecode and exported symbols are encoded as a prefix-trie. For dynamic symbols, Mach-O also has a stud binding to resolve symbols, which is the same as __got and __plt section on ELF binaries.

Mach-O is a binary format used by Apple for its systems. The binary format contains assembled bytes, data and other information. Structured by a list of load commands, where each load command hold the neccessary pointers to the contents.

Writeups for redpwnCTF2021 reversing challenges

Một blog ngắn về một cái crash và những gì mình học được

Ở bài viết này, tôi sẽ tiến hành reverse tệp tin đơn giản rop_easy

A popular and powerful technique to exploit the linux kernel

The final part of the series about learning Linux kernel exploitation through hxpCTF2020 kernel-rop: Full protection

Writeups for justCTF2020[*] reversing challenges

The second part of the series about learning Linux kernel exploitation through hxpCTF2020 kernel-rop: Adding SMEP, KPTI and SMAP

The first part of the series about my process of learning Linux kernel exploitation through hxpCTF2020 kernel ROP: Setting up the environment and the simplest technique of ret2usr

Short write-ups for CTF Problems from EfiensCTF 2020 Round 2

Writeups for TetCTF2021 heap pwn challenges

My technique of solving glibc 2.31 heap challenges with seccomp