Endless Christmas X-MAS CTF Writeup

Posted on Sat 22 December 2018 in binary reverse, IT, security

This is a writeup for the Endless Christmas challenge, md5 hash 866c92038d6e9fc47db4424f71f6167a (download binary). It appeared in the X-MAS CTF, and it's a Reverse challenge.

Using afl with Radare we can see there are calls to write and execve, both happening in main, a sign that this program creates (and …

Tasks un-owned are task that go forgotten

Posted on Sat 11 August 2018 in meta, IT

If you are a tech company, and your people commit code, then you probably have some code review policy. And if you do not, you definitely should: you want to have an extra pair of eyes on the code that goes live. You certainly do not want a mistake to …

WP CLI custom commands not working

Posted on Tue 19 June 2018 in wordpress, wp-cli

Make sure to add them in active code. Adding a spare php file with the WP-CLI command definition in /wordpress won't work, because that code won't be loaded by WP. Dropping the file into wp-content/plugins won't work as well. Make it part of an active plugin, or use your …

A tale in topology - The large clovers meadow

Posted on Wed 18 April 2018 in meta, mathematics

A small tale with a topological soul, with the aim of providing a very high level intuition for the notion of density and dense set in topology.


Smally Open was a cheeky youngster of the Open family who lived in a large meadow. It was a very nice and green …

Numpy histogram density does not sum to 1

Posted on Mon 19 March 2018 in python, IT

During a Computational Vision lab, while comparing histograms, I stumbled upon a peculiar behavior. The histograms pairwise kernel matrix - which is just a fancy name for the matrix holding histograms correlations one with another - did not have ones on the diagonal. This means that one histogram was not fully correlated …

The one time pad and the many time pad vulnerability

Posted on Thu 18 January 2018 in cryptography, IT, security

The scope of this article is to present the one time pad cipher method and its biggest vulnerability: the many time pad attack.

The one time pad: what it is and how it works

The one time pad is the archetype of the idea of stream cipher. It's very simple …

Base conversion in Ubuntu (decimal to binary)

Posted on Thu 11 January 2018 in tips, linux

Need to convert a base 10 integer in a base 2 one? Or, at any rate, convert a number from one numeration system to another? In Ubuntu, the bc utility already integrates these features. It is usually already installed, so you don't have to anything special.

Simply run bc, and …

Does C++ delete operator really free memory?

Posted on Wed 20 September 2017 in IT, programming

Well, I have been wondering about this for quite a while now, and I have tried to run some tests to better understand what's going on under the hood. The standard answer is that after you call delete you should not expect anything good from accessing that memory spot. However …

WordPress function url_to_postid not working with Anspress

Posted on Mon 23 January 2017 in wordpress, tips

With the Anspress theme/plugin, using the WordPress native function url_to_postid() on a question permalink returns the page ID of the base page. For example,

url_to_postid( "www.website.com/questions/question/this-is-the-question");

would return the page ID of the /questions page.

To get the WP question ID of this-is-the-question, use …

bbPress - Anonymous Subscriptions

Posted on Mon 15 February 2016 in wordpress, IT

This add-on plugin for bbPress will allow anonymous users to subscribe to topics and get email notifications when a new reply is posted. The notification email includes an unsubscribe link.

bbPress notifications will keep to go out to registered users, this plugin only extends the thing to anonymous posters as …