Articles in the Programming category

  1. Rust for C Developers Part 0: Introduction


    Hello! It's been a while. Life has been very busy in the past few years, and I haven't posted as much as I've intended to. Isn't that how these things always go? I've got a bit of time to breathe, so I'm going to attempt to start a weekly(ish) blog series inspired by my friend scuzz3y. This series is going to be about Rust, specifically how to write it if you're coming from a lower level C/C++ background.

    When I first learned Rust, I tried to write it like I was writing C. That caused me a lot of pain and suffering at the hands of both the compiler and the unsafe keyword. Since then, I have learned a lot about how to write better Rust code that not only makes more sense, but that is far less painful and requires less unsafe overall. If you already know Rust, hopefully this series teaches you a thing or two that you did not already know. If you're new to Rust, then I hope this gives you a good head start into transitioning your projects from C/C++ to Rust (or at least to consider it).

    I'm going to target this series towards Windows, but many of the concepts can be used on other platforms as well.

    Some of the topics I'm going to cover include (in no particular order):

    • Working with raw bytes
    • C structures and types
    • Shellcoding
    • Extended make (cargo-make)
    • Sane error handling
    • Working with native APIs
    • Working with pointers
    • Inline ASM
    • C/C++ interoperability
    • Building python modules
    • Inline ASM and naked functions
    • Testing

    If you have suggestions for things you'd like me to write about/cover, shoot me a message at rustforcdevs@wumb0.in.

    Expect the first post next week. It will be on working with pointers.
    (Update: 4/20/24): I decided to expand this post to cover some background first before doing the post on pointers. So that is still in the works!

    All posts in the series (so far):

    There is also a github repository that goes along with this series. You can find that here.

    ...


    Check out the full post for more details!

  2. sqlalchemy Magic


    I was writing a plugin for CTFd and I was faced with an interesting problem: how the hell do I add a column (attribute) to a parent table without modifying that table (or model object)???
    I was trying to assign an extra attribute to the Teams model; a one-to-many relationship between bracket and team so I could have Teams.chal_bracket and Bracket.teams, but again without modifying the Teams model.
    I had actually tried overriding the Teams model and also adding a row on the fly, but neither of those worked. I ended up with the solution below: ...


    Check out the full post for more details!

  3. A Better Way to Work with Raw Data Types in Python


    Working with raw data in any language can be a pain. If you are a developer, there are many solutions to make it easier, such as Google's Protocol Buffers. If you are a reverse engineer, these methods can be too bulky, especially if you are trying to quickly script an exploit (perhaps in a CTF where time is constrained). Python has always been my go-to language for exploit dev and general script writing, but working with raw datatypes using just pack and unpack from the struct module is annoying and leaves much to be desired. I'm here to tell you that if you are still using pack and unpack for complex datatypes, there is a better way.

    For the sake of this post we will attempt to work with the raw datatypes below, defined as C structures:

    typedef struct __attribute__((packed)) NestedStruct_ {
        unsigned char flags[3];
        uint8_t val1;
        uint8_t val2;
    } NestedStruct;
    
    typedef struct __attribute__((packed)) ExampleNetworkPacket_ {
        uint16_t version;
        uint16_t reserved;
        uint32_t sanity;
        NestedStruct ns;
        uint32_t datalen;
        unsigned char data[0];
    } ExampleNetworkPacket;
    

    The total size of the ExampleNetworkPacket structure will be 17 bytes plus any data appended to it.

    As a side note, I just recently learned that the last element of the ExampleNetworkPacket is valid C and is useful as a pointer to the end of the structure, instead of having to do this:

    // Cast to a byte pointer first so the offset is counted in bytes, not in whole structs
    unsigned char *data = (unsigned char *)examplenetworkpacketptr + sizeof(ExampleNetworkPacket);
    

    Neat.
    ...


    Check out the full post for more details!

  4. Python for Hackers


    This is getting posted a bit late, but here is a presentation I gave remotely for RIT's Competitive Cybersecurity Club Conference (RC4) 2016 on Python tricks for hackers. It's a collection of things that I often use within Python that make writing functional tools easier.