Ech0 - Ech0's Laboratory

web3

Kusama: missed Paravalidation vote investigation

It finally happened. My first ever "incident" during Kusama para-validation (missed vote). Let me explain what happened, how I noticed it and what investigations I conducted to understand the reason behind it. Spoiler: the impact of this is negligible either on the network or the staking rewards. Turns

linux

Building the smallest elf program

In this post we will have fun trying to create the smallest possible 64 bits Linux program (ELF binary) that simply outputs “Hello world!” when it is executed. The idea here is to understand the compilation process, linking, how loader works, how ELF file format is structured, and so on.

exploitation

Javascript engine exploitation methodology

This post is actually a video. Here is my talk in French where I cover some exploitation methods of famous browsers Javascript engines. This talk was made at the Quarks in the Shell 2023 conference of Quarkslab company.

exploitation

Vulnerability research and ActiveX controller exploitation

This post is technical and was written a long time ago. It covers vulnerability research topic and if you do not understand, don’t push it, check my easier other posts instead! Introduction This is probably the longest write-up you’ll see on this blog. The reason is simple: I

e-learning

How to learn and start in cybersecurity

Every person in this community was once a beginner and it’s usually a hard domain to begin with if you’re not guided. Are you interested in how to learn cybersecurity? I will try to guide you through this article and give you some tips to start your cybersecurity

malware

Packing and dropping from resources

In this new series of articles “packing”, I will present to you various key technical points used by packers, starting by dropping the malicious code from the resources section. Attention, here I do not intend to explain what a binary packer is, I will let you search on the internet.

linux

Develop a kernel module in Linux

We have seen previously how to develop and integrate a system call into the Linux kernel. Now we are going to look at how to develop another form of code execution in ring 0 (kernel-land): the Linux kernel module system. We will see how to develop a kernel module and

linux

Develop a system call in Linux

In this post we will we will see how to develop a system call by: * Coding a function in C * Compiling it with the Linux kernel * Charging it in the syscalls table * Calling it from user-land In other terms: we will add our own system call to the Linux kernel.