Posts
2025
HITCON 2025 – IMGC0NV
·2660 words·13 mins
A writeup about exploiting an image converter service through path traversal and multiprocessing pickle deserialization. The solution required crafting a polyglot file that’s both a valid BMP image and a malicious pickle payload to achieve RCE.
EPFL CS412 CTF – HEAP-MEANU
·2696 words·13 mins
A writeup for EPFL CS412’s HEAP-MEANU challenge involving heap exploitation through a one-byte overflow and constrained brute-force reading. Despite full protections and a modern libc 2.39, the exploit achieves RCE using a House of Spirits-like attack.
2023
The Internet of Roof Windows
·4046 words·19 mins
When your loft flat turns into a sauna every summer, the logical solution is obviously to reverse-engineer a decades-old proprietary bus protocol. A tale of digital archaeology, improvised level shifters, and ladder-based near-death experiences.