Another nice CppCon, though I had the feeling there was better talks last year (at least more I was interested in). Also happy to hear that there finally seems to start some initiative to get more aggressive on deprecating features and focusing more on performance over backwards-compatibility.

Short review of the talks I watched. List ordered chronologically.

Read more »

Overall CppCon was a really nice conference with lots of good talks from lots of different application domains. There is still quite a few talks which I missed because they overlapped with other talks. Will catch up with those once their recordings have been uploaded.

Short review of the talks I watched. List ordered chronologically.

Read more »

CTF WriteUp: 33C3 CTF 2016 / list0r / web / 400 points

We are presented with a basic Bootstrap/PHP CTF page. It allows to create TODO lists and also to set your own profile. The interesting part here is that in the profile you can give a link to a picture which the server will then fetch. This will be useful later on. First thing we notice is that the pages are of the form:

http://78.46.224.80/?page=list

This allows for a classic PHP attack to leak the source by running the following query

http://78.46.224.80/?page=php://filter/convert.base64-encode/resource=list

Read more »

I am a big fan of the linux perf (perf events, perf tools) tool. It has already helped me several times debugging problems or solving performance bottlenecks.

Unfortunately, documentation is rather sparse about it. As such, I created a perf-examples repository that contains small example programs that show how certain perf features can help to find problems.

Read more »

CTF WriteUp: 0CTF 2016 / Monkey / web / 4 points

We are presented with a simple page that allows us to submit a URL which some monkey will browse for two minutes. In addition, the page says that we can find the flag at 127.0.0.1:8080/secret. The challenge page also asks what the same-origin policy is. Let’s start by answering that question.

Read more »

How I bootstrapped this blog and how you can do it, too. Let’s assume you want to setup static hosting on example.com:

1. Register your domain with the registrar of your choice.
2. Sign in/up for Cloudflare with your domain.
3. Replace the DNS servers of your registrar with the ones you get from Cloudflare.
4. In the Cloudflare dashboard under DNS add two entries:
   • CNAME example.com yourusername.github.io
   • CNAME www yourusername.github.io

   Make sure that you click the Cloudflare icon for both of these entries to turn them on.

5. Get started with Github pages as described on this page.
6. Add an empty file called CNAME containing example.com to your repository.
7. Push.
8. Profit!

Read more »

Welcome to my blog and home page!

A place where I collect all my stuff and probably blog from time to time.

This my first entry and I am still trying out stuff.