Something with IT security and Rust
Hi, I'm Tobias. I'm currently trying my luck with Rust, Flutter and fuzzing. See what I'm working on below; it's nothing crazy, but it's fun.
This blog post introduces my new generic approach to easily create a fast and easy-to-use protocol fuzzer for custom targets. The fuzzer aims to be used mainly in the embedded world, where most of the time it is not easy to create a running harness on a Linux-based system because of hardware dependencies, the source code is not available, or it requires hardware attacks to dump the firmware.
twonly is a European open-source alternative to Snapchat, written in Flutter. It uses the Signal protocol to encrypt all messages end-to-end and offers a clean UI without distractions or ads. Try it out for yourself by downloading the app from your app store or directly via GitHub.
This winter semester I took part in the TU Darmstadt Hacker Contest, where we had an exercise in which we had to find security vulnerabilities in open source repositories. In this blog post I will share my findings. It's nothing crazy, but it was still fun to find them.
In my term paper about the "Internet of Vulnerable Things" I wanted to find a memory-related vulnerability in a binary running on the TL-WR902AC but was not successful. This time I use fuzzing to find such a vulnerability.
To learn Rust and cryptography at the same time, I implemented TLSv1.3 from scratch. The implementation includes all cryptographic operations like elliptic curves or AES. During the implementation, I looked at various attacks in detail. Some of them have become CTF challenges (see VulnTLS for more), such as Dual_EC, an NSA backdoor.
WebRocket is a WebSocket server implementation programmed from scratch in Rust (including SHA-1 and Base64). This is the project with which I learned Rust.
In one of my term papers I had to write about the topic "Internet of Vulnerable Things". So I bought a cheap router and took a closer look. As expected, the security was not really good and I was able to find a security vulnerability with a CVE score of 8.8 in no time.
I created this project to provide a privacy-compliant and feature-rich "sign in with" solution for my own websites. In the meantime my focus has changed to web application security. It is therefore explicitly allowed to hack my own instance under odmin.de - and if the hack impresses me there is also a small bug bounty :)