notselwyn

notselwyn

About:

notselwyn is a vulnerability researcher focused on Linux environments, sharing insights on offensive security and exploits.

Website:

pwning.tech

Specializations:

Vulnerability researcher

Interests:

Offensive security Linux kernel IoT Fuzzing HackTheBox

Incoming Links:

Bogdan Deac

Outgoing Links:

Andrey Konovalov
Subscribe to RSS:
Link

0Flipping Pages: An analysis of a new Linux vulnerability in nf_tables and hardened exploitation techniques

2024-03-26

The blogpost discusses a bug found in nf_tables in the Linux kernel (CVE-2024-1086) and its root cause analysis. It also shows several novel techniques used to drop a universal root shell on nearly all Linux kernels between at lea...

0Tickling ksmbd: fuzzing SMB in the Linux kernel

2023-09-16

The blogpost discusses adding psuedo-syscalls and struct definitions for ksmbd to Syzkaller, setting up an working ksmbd instance, and patching ksmbd in order to collect KCOV. It explains what Syzkaller and KCOV are, adding Syzkal...

0Unleashing ksmbd: crafting remote exploits of the Linux kernel

2023-08-04

The text discusses the ZDI-22-1690, an unauthenticated RCE vulnerability in the Linux kernel's ksmbd subsystem. It explains the SMB protocol, the vulnerabilities ZDI-23-979 and ZDI-23-980, and provides proof-of-concept exploits fo...

0How I hacked smart lights: the story behind CVE-2022-47758

2023-03-08

The blogpost discusses the research regarding CVE-2022-47758, a critical vulnerability impacting a large number of Internet of Things smart devices. The authors were able to leverage this vulnerability in the lamp's firmware for u...

0How I hacked IoT management apps: the story behind CVE-2022-46640

2023-03-08

The text discusses the discovery and exploitation of critical vulnerabilities in an IoT desktop app, including unauthenticated Remote Code Execution, Local File Inclusion, and Remote Wireless Reconfiguration. It provides a detaile...

0Knote (HackTheBox)

2023-01-15

The text is a write-up covering the Knote (kernel-note) kernel-pwn challenge on HackTheBox. It explains what kernel modules are, how kernel CTFs work, and how to analyze and exploit the kmodule. It also provides a proof-of-concept...

0Superfast (HackTheBox)

2022-11-28

The text is a detailed write-up about the Superfast challenge in HackTheBox Business CTF 2022. It covers the process of performing a single-byte overwrite to bypass ASLR, leak stack pointers, and perform a Return Oriented Programm...

0Finale (HackTheBox)

2022-11-26

The text discusses the retired Finale challenge on HackTheBox. It includes a description of the challenge, the analysis of the binary, the stack, ROP chains, and prioritizing attack vectors. It also details the failed attempt to g...

0WeakRSA (HackTheBox)

2022-11-24

The text is a write-up solving the retired WeakRSA challenge on Hack The Box. It explains the basics of RSA encryption and decryption, and provides a step-by-step guide to solving the challenge. The lesson learned is that p and q ...

0Blacksmith (HackTheBox)

2022-11-20

The text discusses the retired Blacksmith challenge on HackTheBox. It includes a description of the challenge, the vulnerability primitives, developing AMD64 assembly, and retrieving the flag. The author provides a detailed analys...