Emanuele Cozzi @invano

  • Flare-On 2018 - Challenge 12 - Subleq'n'RSSB

    After explaining my solution for the last challenge of Flare-On 2018, I want to move one and analyze the details of the second stage. I will entirely focus on two OISC machines: Subleq1 and RSSB2. Take it as a personal training to tackle these processors and a way to get rid of the curiosity I wasn't able to eliminate when I firstly scored this challenge.

    Read more…
  • Flare-On 2018 - Challenge 12 - cat'n'grep

    New year, new Flare-On. This year edition somehow pushed us to the world of VMs reversing. First with challenge 10 built on top of the Intel VMX instruction set, later with challenge 12. The last challenge was quite crazy as usual, but it kind of intrigued me a lot.

    Read more…
  • CSAW 2018 quals - 1337

    The NOPS team couldn't miss CSAW CTF 2018 qualification round. We scored 6th in Europe and 17th worldwide. I mostly focused on reversing with kvm, rev 500, and 1337 initially rev 300, later upgraded to rev 500. Today an Eurecom former student sent me an email asking how I solved 1337.

    Read more…
  • Modern Linux Malware Exposed

    This month I gave a talk at Recon Montreal 2018 about Linux malware and how we analyze them. This is an in-depth follow up of the Oakland paper Understanding Linux Malware more focused on the practical and technical aspects of the work (and malware).

    Read more…
  • Understanding Linux Malware

    My research work on Linux malware was accepted at IEEE Security & Privacy 2018, San Francisco. Abstract—For the past two decades, the security community has been fighting malicious programs for Windows-based operating systems. However, the recent surge in adoption of embedded devices and the IoT revolution are rapidly changing the malware landscape.

    Read more…
  • Kernel heap corruption (SLUB) - CSAW17 Finals

  • How to fly with radare2 - The Wall writup