dzhy | Blog

Toast to Freedom, Toast to Death

Understanding rabin2 output

Prelude If you don’t know what rabin2 is/what it does. Rabin2 understands many file formats: Java CLASS, ELF, PE, Mach-O or any format supported by plugins, and it is able to obtain symbol impor...

SNI and ESNI

Road to better Internet Privacy

Prelude I have a DNS resolver setup at home which my home devices use and set it to use DNS over TLS (DoT) to resolve queries so ISPs and such can’t see the domains I’m visiting, but SNI is leaking...

CDDC 2019 LSCVM Writeup

and some thoughts about the Finals

This is actually a challenge from the qualifiers, but because this challenge will be used in the Finals again so we weren’t allowed to post about it until after the finals. More on that later, here...

CDDC 2019 Qualifiers Writeup

This year’s CDDC Qualifiers was very different from the previous year which was more of an ‘red team’ ctf, this year’s qualifiers is a jeopardy style ctf and it’s pretty focused on OSINT which I’m ...

System32 Magic

System32, SysWOW64 and Sysnative

So I was using 32-bit python on windows and trying to read a binary in System32. 1 2 with open(r'C:\Windows\System32\FileHistory.exe', 'rb') as f: content = f.read() Then I was thrown the fo...

Where are the Strings in Windows Binaries

TLDR: It's in MUI files

Prelude The Windows Binaries I’m talking about here are the ones that comes default with Windows provided by Microsoft. Searching for Strings in the binary I was analyzing a Windows binary C:\Wind...

Preventing Email Spoofing

with SPF, DKIM and DMARC

Preventing email spoofing is important to all domain owners, even if you are not using your domain for email services as it affects the reputation of your domain. In this post I will talk about how...

Firefly III Setup with Docker and HTTPS

In this tutorial we will setup Firefly III using docker and setup a reverse proxy to enable https, as Firefly III itself does not support https. For the purpose of this tutorial we will be using fi...

Certbot - Cloudflare DNS Plugin

In this tutorial we will get a wildcard certificate from letsencrypt using the cloudflare dns plugin. For the purpose of this tutorial we will be using example.com as the domain. Install Cloudflar...