• Jul
    17
    2017

    H1-702 2017: Writeups

    The last few weeks Hackerone have been hosting a mobile CTF as a qualifier for their Las Vegas H1-702 event. The goal was to reverse engineer a handful of Android and iOS mobile applications and get the flags. To qualifiy for the main event you had to, apart from solving the levels, submit writeups of how you did it. These are the writeups I submitted for my solutions.

    Read more
  • Mar
    20
    2017

    Reversing malware USB drives in Gothenburg

    This Wednesday reports about USB-drives with malicious code being found in the area Lindholmen in Gothenburg, spread in Swedish media. It was reported by, among others, IDG, Expressen, SVT and even far-right sites such as Nordfront. This quickly spread in social media and all kinds of wild theories started to appear including industrial espionage and Russian hackers using “military-grade encryption”. All of this, of course, without any kind of evidence to back it up. Being a strong opponent to the FUD that is very commonly spread in security related events I sought to dig deeper into this.

    Read more
  • Jan
    5
    2017

    SANS Holiday Hack Challange 2016: Writeup

    This post contains my report for the SANS Holiday Hack challenge 2016.

    Read more
  • Dec
    26
    2016

    dJulkalender 2016: Writeups

    The computer science chapter at my alma mater, KTH, arranges an advent calendar called “dJulkalendern”. It is a CTF-like puzzle with challenges (almost) every day until christmas and also a competition. In 2013 I won the compeition and last year I ended up third. This year I managed to improve a little and take the second place.

    Read more
  • Sep
    8
    2016

    SEC-T 2016 Talk: SMT in RE

    Today at around 16:00 I’m doing a lightning talk at the SEC-T security conference titled “SMT in reverse engineering, for dummies”. A stream to the talk should be available on YouTube where you hopefully will be able to see the talk. It will probably also be available online afterwards. I will update this post with a link.

    Unfortunately, the SEC-T arrangers lost all the recordings due to technical problems. Fortunately, I re-recorded my talk and put it on YouTube.

    In the talk I’m referring to some scripts I have written. You can also download the slides as a PDF.

    Read more

subscribe via RSS