Keyrings dump with keydump: Extracting SSSD cleartext credentials

  Posted on September 8, 2024  |  24 minutes  |  Eloy Pérez González  • Other languages: gl

Hi there!! Time ago I was tinkered with Linux keyrings to extract Kerberos tickets from keys with tickey, and recently I was involved in a new interesting project in which I needed to learn again about this topic, so I will try to describe the important points here in case my future self or anyone else want to learn them. First we need to know is that Linux keyrings is a key management facility. [Read More]
Linux  Keyrings  sssd 

How to join Debian to Active Directory

  Posted on August 29, 2024  |  21 minutes  |  Eloy Pérez González  • Other languages: gl

Hi people, in this article I'm going to show how to join a GNU/Linux machine, specifically a Debian one, to an Active Directory environment.I know, I know, Active Directory (AD) is a commercial tool from the evil Microsoft, but we need to admit that is the most used tool in the market. However, not because we are in a Microsoft environment we need to use Windows, even if that's what they would like. [Read More]
linux  gnu  ad  debian 

Who is messing with my DNS server? Discovering and managing network daemons

  Posted on August 18, 2024  |  12 minutes  |  Eloy Pérez González  • Other languages: gl

Hi there, today I would like to talk about an recurrent issue that I've been facing for many years. I wanted to configure my machine to use an specific DNS server, so I including it in /etc/resolv.conf. However, after a while my new DNS server was removed and /etc/resolv.conf restored to a previous version. In this article I'm going to explore what is happening and how discover who is modifying /etc/resolv. [Read More]
dns  bpf  dhclient  networkmanager  systemd  linux  gnu 

Stealing sudo sessions with ptrace

  Posted on March 24, 2024  |  7 minutes  |  Eloy Pérez González  • Other languages: gl

Hi people. Today we are going to deepen an old technique that I have been studying. It is an attack to get sudo in case someone else is connected to the same machine with the same user and has sudo unlocked. This technique was already documented by nongiach in the sudo_inject repository. However, that implementation requires several files and dependences for the attack, so, in order to simplify it and learning about the technique, I have developed sudohunt. [Read More]
pentest  linux  sudo  ptrace 

PUME: a tool to mutate Python source code

  Posted on November 2, 2023  |  7 minutes  |  Guzmán Cernadas Pérez  • Other languages: gl

This article will explain what PUME (Python Universal Mutation Engine) is and how it works and after that some examples of use will be given. Introduction PUME is a tool that randombly modifies the source code of a program made with Python without change the orginal features. This is mainly achived by doing modifications in the Abstract Syntax Tree (AST) of the program but it should be noted that exist a modification that is made directly in the source code. [Read More]
python  pume  AST  obfuscation 

Visual profiling in Python

  Posted on June 27, 2022  |  5 minutes  |  Sergio Martínez Portela  • Other languages: gl

Hey there! Today I bring a practical example of how we can analyze our Python programs to efficiently find bottlenecks. There's a lot of talk on how optimizations shouldn't be done blindly. That instead one should measure which parts of a program are problematic to improve the code execution in an efficient way. Today we will see how to do that in a practical way. Flame Graphs There are lots of ways to measure and visualize the behavior of a program. [Read More]
python  profiling  optimization  flamegraph 

Quick math on the terminal

  Posted on November 1, 2021  |  3 minutes  |  Sergio Martínez Portela

Hey there! Just this past week I stumbled on a HN comment from 2019. The commenter was fiddling with some scripts to perform some simple math directly on the (bash) terminal. TLDR: Click here to go to the code and skip the backstory. What the commenter proposed was something like this, based on the dc command (comments are mine). $ . calc.sh # Load functionality $ * 4 5 # Multiply 4 and 5 20 $ / 21 3 # Divide 21 by 3 7 This sounded interesting. [Read More]
terminal  explorations 

Using libfuzzer in autotools compiled projects

  Posted on July 16, 2021  |  10 minutes  |  Eloy Pérez González  • Other languages: gl

Hey there. These days I've been playing with libfuzzer, a tool that comes with clang compiler and that allows us to fuzz a program compiled with clang. The fuzzing consists on passing (pseudo-)random data as program input and check if that breaks. To do this with libfuzzer, it is required to define in the program a function called LLVMFuzzerTestOneInput that accepts a buffer of bytes as argument. Then libfuzzer will call this function in a loop with different data. [Read More]
fuzzing  libfuzzer 

Tricks to improve console programs usability

  Posted on December 24, 2020  |  16 minutes  |  Eloy Pérez González  • Other languages: gl

Hi folks. In this post I goint to present you some tricks that, in my experience, allow to greatly improve the usability of the console programs. I write them down here to avoid to forget them and in the hope that they can be useful to other people. The key is to make the programs simple, which normally is not as easy as it sounds, but I hope these tricks will help you to achieve that. [Read More]
linux  unix  programming 

Virus and Python

  Posted on December 14, 2020  |  24 minutes  |  Guzmán Cernadas Pérez  • Other languages: gl

This post will explain several issues when it comes to understanding how a virus works. They will first be explained what they are and how is its life cycle. The main techniques for detecting a virus will be outlined below. After, the main anti-antivirus techniques will be discussed. Then, it will be explained how a virus works by providing examples of code, to finally add various enhancements and protections so that it cannot be detected by signature. [Read More]
python  malware  obfuscation