Reverse Engineering on

Haunting the Heap: Use-After-Free in AuthenKey Login Handler (x64)

Mon, 12 May 2025 00:00:00 +0000

Prologue — Heap Echoes in an AuthenKey Login Night
#

It was one of those times when I wasn’t actively hunting—just casually skimming through binaries like I was flipping through a security archive. The target: AuthenKey, a multi-factor login handler used by corporate VPN portals. As I browsed its binary, I found a small routine involved in processing post-login session keys.

Overflow in Silence: Stack Smash in MedBoard Log Viewer (x64)

Sun, 20 Apr 2025 00:00:00 +0000

Prologue — The Calm Before the Buffer Break
#

I wasn’t looking for trouble. Just bouncing between binaries on a slow weekend, half-interested in what outdated software still lingers in hospital networks. That’s when I stumbled on MedBoard Log Viewer — a quiet little utility meant to process and display logs in a fancy UI. But it was the backend log-loading routine that caught my eye. And once I spotted strcpy, I leaned forward.

Binary Badlands – HTB University CTF 2024

Sun, 21 Apr 2024 00:00:00 +0000

0x00 – Prologue
#

I knew from the moment I saw “MD5” in the challenge description, things were about to get weird. Anyone who’s spent enough time around outdated crypto knows MD5 is a landmine. It’s fast, broken, and predictable in just the right (or wrong) ways. This challenge leaned all the way into that mess.

NahamCon CTF 2023 – Multiple Challenges

Sun, 07 May 2023 00:00:00 +0000

0x00 – Prologue
#

Sometimes a CTF throws everything at you: logic bugs, broken binaries, half-documented APIs, and the occasional ancient Star Wars meme. NahamCon 2023 was that kind of ride. Our team, SneakBytes, dove in headfirst and came out the other side with a trail of solved challenges, caffeinated brains, and some solid lessons.

Signed Once, Loaded Twice: Plugin Signature Bypass in CodeWorks IDE

Tue, 11 Apr 2023 00:00:00 +0000

Signature Bypass in CodeWorks IDE Plugin Loader
#

Prologue: Not All Checks Are Made Equal
#

It started with curiosity, like it usually does. I wasn’t even targeting CodeWorks specifically. I was just bouncing around dev tools I had lying around — checking how they loaded plugins, how they validated them, and if they did anything… out of order.

Swipe to Shell: Exploiting a Buffer Overflow in PaySafeTech Daemon

Fri, 17 Mar 2023 00:00:00 +0000

Buffer Overflow in PaySafeTech Payment Daemon
#

Prologue: The Ghost in the Machine
#

The smell of late-night coffee and burnt solder still hung in the air. It was one of those nights — quiet, focused, and laced with the promise of uncovering something… forgotten.

Reverse Engineering on

Haunting the Heap: Use-After-Free in AuthenKey Login Handler (x64)

Prologue — Heap Echoes in an AuthenKey Login Night #

Overflow in Silence: Stack Smash in MedBoard Log Viewer (x64)

Prologue — The Calm Before the Buffer Break #

Binary Badlands – HTB University CTF 2024

0x00 – Prologue #

NahamCon CTF 2023 – Multiple Challenges

0x00 – Prologue #

Signed Once, Loaded Twice: Plugin Signature Bypass in CodeWorks IDE

Signature Bypass in CodeWorks IDE Plugin Loader #

Prologue: Not All Checks Are Made Equal #

Swipe to Shell: Exploiting a Buffer Overflow in PaySafeTech Daemon

Buffer Overflow in PaySafeTech Payment Daemon #

Prologue: The Ghost in the Machine #

Prologue — Heap Echoes in an AuthenKey Login Night
#

Prologue — The Calm Before the Buffer Break
#

0x00 – Prologue
#

0x00 – Prologue
#

Signature Bypass in CodeWorks IDE Plugin Loader
#

Prologue: Not All Checks Are Made Equal
#

Buffer Overflow in PaySafeTech Payment Daemon
#

Prologue: The Ghost in the Machine
#