The Box Breaker and Script Creator
Offensive Security Specialist, Application Engineer, Developer, Researcher, Electrical Engineer, Bird Dad and Idiot.
- Some great words to describe myself!
From jobs to personal projects, I've encountered many different situations, met many diverse people and unwillingly learned new programming languages (looking at you PHP).
My combined experience helps drive the thought process behind all my projects and allows me to constantly strive towards improvement of my current projects or development of great and new ideas!
You may have heard of me from my work as the software development lead for The Scorebot Project or my custom C2 framework XMT. If not, it might be from one of my numerous other Projects, or you may have run into me as a Blue Teamer (in which case, Hi! lol).
Regardless, my main goal is constantly improving my own work and being able to pass on the things I've learned to others.
If you ever play the Pros Versus Joes CTF or are at any major InfoSec con (BSidesLV, BSidesDC, BSidesDE, Shmoocon, Defcon, Blackhat, etc.) you might just run into me! I can always be found wherever the dank memes are.
Don't forget to peek at my Twitter to check up on the shenanigans that I'm getting into or to get a heads up on any updates to my projects!
- RT @WWHackinFest: Saddle up folks.... our next amazing keynote speaker for Deadwood 2022.... @AlyssaM_InfoSec!!
This will be an epic con! Don't miss out! Register now →→ https://wildwesthackinfest.com/deadwood/
- RT @troutman: I’m sorry you are (rightly) nervous to attend and I wish it wasn’t that way. Do check out the Diana Initiative (@DianaInitiative) for a much more inclusive and relaxed event, happening the day before & first day of DEF CON, next door.
- RT @MalwareTechBlog: Infosec: "why are so few women interested in infosec?"
Also Infosec: "we invited the guy banned from several conferences due to multiple credible accusation to keynote our conference and listed him as an 'untitled special guest' so attendees wouldn't know until it was too late"
- RT @magg_py: “Leaders” out here stopping miles short of condemning Hadnagy for both past abuse & that flagrant DARVO BS he pulled.
It’s not “an unfortunate situation”
Say it with your chest or just admit he’s still your buddy. Don’t just delete the pics like nothing happened
- R to @iDigitalFlame: I added some atomic protections to it (and also squashed a bug with "WaitForSingleObject" lmao).
You can see my struggle here: https://github.com/iDigitalFlame/XMT/compare/v0.3.4...v0.3.4-b3
BTW: This all happening in a service so I had no access to stdout/stderr 🙃
#programming #golang #windows
- R to @iDigitalFlame: So, process starts, handle gets closed, and then we trigger an API call on it, which causes it to be killed by the kernel. Oh fun!
Least it's fixed, so no more BSODs? (Hopefully)
- R to @iDigitalFlame: Since Windows system binaries have CFG and extra protections, any of those operations on the Closed/Invalid pointer causes the kernel to kill the process. (Instead of ya know, an error return?)
BY THE WAY I HAVEN'T SEEN A WAY THIS GETS LOGGED! 😡
- R to @iDigitalFlame: Why? Well turns out, between the "Start" and "Release" we cause a race for the Process handle, between "CloseHandle" and "WaitForSingleObject" AND "GetProcessExitCode".
- R to @iDigitalFlame: So it's 4am now.
I find that commenting out a line that closes the handle to the main process object FIXES the issue. But we don't want that dangling handle. :(
Ok.. so what's happening?
It HITS ME.
WE'RE GETTING KILLED BY CFG AND OTHER WINDOWS SYSTEM PROTECTIONS!
- R to @iDigitalFlame: So it looks to be all over the place WHEN it happens, but eventually I narrow it down to a specific action.
This action I'll call Start()->Release(). Basically it starts a process then we relinquish all our ties to it (we don't need it anymore, but we don't want to kill it.)
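The thread above describes a close racing against a wait on the same process handle. As an added Go example (not XMT's code and not part of the original posts), here is one way an atomic guard can defer the close until no API call is in flight; `procHandle`, `closedBit` and `runRace` are hypothetical names, and the handle is simulated so the code runs on any OS.

```go
package main

import (
	"fmt"
	"sync"
	"sync/atomic"
)

const closedBit = int64(1) << 62 // set in state once Release has run
// procHandle is a hypothetical stand-in for a Windows process HANDLE.
type procHandle struct {
	state  int64 // closedBit plus the count of in-flight API calls
	closes int32 // times the simulated CloseHandle actually ran
}

// Wait models WaitForSingleObject and never touches a released handle.
func (h *procHandle) Wait() error {
	for s := atomic.LoadInt64(&h.state); ; s = atomic.LoadInt64(&h.state) {
		if s&closedBit != 0 {
			return fmt.Errorf("handle already released")
		} else if atomic.CompareAndSwapInt64(&h.state, s, s+1) {
			break
		}
	}
	// The real API call on the still-open handle would run here.
	if atomic.AddInt64(&h.state, -1) == closedBit {
		atomic.AddInt32(&h.closes, 1) // last caller out does the deferred close
	}
	return nil
}

// Release models Start()->Release(): the close waits for in-flight calls.
func (h *procHandle) Release() {
	for s := atomic.LoadInt64(&h.state); s&closedBit == 0; s = atomic.LoadInt64(&h.state) {
		if atomic.CompareAndSwapInt64(&h.state, s, s|closedBit) && s == 0 {
			atomic.AddInt32(&h.closes, 1) // nobody in flight: close now
		}
	}
}
// runRace has n goroutines Wait and then Release the same handle at once.
func runRace(n int) (int32, error) {
	h, wg := &procHandle{}, &sync.WaitGroup{}
	wg.Add(n)
	for i := 0; i < n; i++ {
		go func() { defer wg.Done(); h.Wait(); h.Release() }()
	}
	wg.Wait()
	return atomic.LoadInt32(&h.closes), h.Wait()
}
func main() { fmt.Println(runRace(64)) }
```

However the goroutines interleave, the simulated close runs exactly once, and a caller that arrives after the release gets an error return instead of operating on a closed handle.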