hacking Demystifying Epic Games Store Spyware Over the past few weeks, I've seen a lot of discussion [https://www.reddit.com/r/PhoenixPoint/comments/b0rxdq/epic_game_store_spyware_tracking_and_you/] about whether or not the Epic Games' store is spyware. Unfortunately, the "proof" and "research" that has been shared is far from either of
ctf CSAW Write-Up: shell->code It's been a few weeks since me and the Mechasheep played CSAW, but that doesn't mean there's nothing left to write about. The first and easiest pwn challenge I encountered during the competition was called shell->code, a baby-class challenge. The simplicity of this challenge means I can actually focus
ctf CSAW Write-up: Turtles This past weekend, me and my team played CSAW CTF after taking quite a long break. We managed to hold top-20 for a good portion of the competition, even going as high as 12th place. Even though we lost our breath by the final day and finished in 40th, I
ctf PlaidCTF Write-up: Shop To warm up for DEFCON quals, my team and I decided to give PlaidCTF a shot. We knew it was going to bring some hard, fun challenges, and it did not disappoint. I immediately jumped into my comfort zone by tackling a pwn challenge, and got my first flag of
electrical engineering Hardware Hacking: Automating a USB3 Switch When I'm working from home, I like to feel comfortable on my regular battlestation. My work has to be done on a company machine, however. To keep the familiarity of my setup while on my work laptop, I decided to use a KVM Switch. The KVM Switch has inputs for
capture the flag How To Hack - Episode 2: Use-After-Free Triple Bounce Time for episode two of How to Hack! The challenge in this episode is a harder version of the one from episode one, so make sure to check it out first. If you missed it, you can find it here [https://nickcano.com/how-to-hack-ep-1/]. Link here [https://www.youtube.com/
capture the flag How To Hack - Episode 1: Trampoline Stack Smash So I've recently started streaming again, and pwnables are of my favorite things to stream. Twitch nukes my recordings after only two weeks, but they contain really good, detailed breakdowns of the attacks I use. They're like my write-ups, but in a different medium. I just put together the first
game hacking Throwbacks Part 1: The Effects of Bots on Online Games > This is the introduction to a multi-part series where I will be refreshing and reposting content which I've written before the days of this blog. An introduction to the series and topic is here [https://nickcano.com/throwbacks-0]. Back when I was writing my book, I intended to include a
Throwbacks Part 0: Introduction > This is the introduction to a multi-part series where I will be refreshing and reposting content which I've written before the days of this blog. You can check out the first installment here [https://nickcano.com/throwbacks-1-bots-tibia]. Over the years, I've written heaps of content about everything from bot development,
pc build New Dual Loop Build Over the holiday break, I took a night to rebuild my computer. My previous build was actually pretty fresh, with a Ryzen 7 1800x and 32GB of ram, but the older R9 290 cards weren't pulling their weight in a gaming build pushing two 4k screens. I decided to upgrade
hacking TUCTF Write-up: Temple of Malloc It's been a few months since me and my team started practicing CTF again, and we finally played in a live CTF over the weekend. It was a a fun CTF, and we actually managed to place above PPP with a team of only three people. I mean, it's clear
ctf Pwnables Write-up: FSB I'm on vacation in Mexico this week, which essentially means blow off pool time and hack stuff. I decided a relatively simple challenge would be a good starting point for the week, since I've never CTFed on this laptop and I was expecting to be constantly interrupted by vacation conversation
ctf Pwnables Write-up: Note And there goes another night spent honing my CTF skills. This time, I decided to tackle pwnables [http://pwnable.kr] Note challenge for 200 points. > Check out my SECURITY PATCH for mmap(). despite no-ASLR setting, it will randomize memory layout. so it will contribute for exploit mitigation. wanna try sample
ctf Pwnables Write-up: Malware Recently, me and Vadim [https://twitter.com/vadimkotov] decided to tag-team a 500 point challenge on pwnable [http://pwnable.kr] called malware: I have no respect for writing malware but I do have respect for writing cool malware lets find a way to beat ANUBIS (https://anubis.iseclab.org) download
ctf Pwnables Write-ups (October 2017) It's been nearly a year since I played my last competitive Capture The Flag (CTF); life has kept me busy and I haven't had time to practice much. Recently, me and a buddy decided to start practicing again so that we could get back to competing in the near future.
game hacking Hooking LuaJIT If you've been around the gaming industry even a little, you've almost definitely heard of Lua [https://www.lua.org/]. This potent scripting language has found itself embedded in thousands of video games, acting as an API for engineers to easily add functionality to game clients and servers alike. > Sidebar:
game hacking Reversing the League of Legends Client > DISCLAIMER: This is for information and learning purposes only, I do not endorse or recommend using this information to make any unofficial tools which can result in bans (or worse). Back when League of Legends' client was still written in Adobe AIR, I reverse engineered it, located the functions responsible
game hacking Bot Architecture Part 2: Versions & Updates > This is the second installment in a multi-part series about the architecture and design of XenoBot. An introduction to the series and topic is here [https://nickcano.com/bot-architecture-0/] and the first post is here [https://nickcano.com/bot-architecture-1/]. One peculiar aspect of bot development is the frequent out-of-cycle updates
windows Quitting Windows 7 Necromancy My OS install for my main Desktop is going on 6 years now. Since it's advent, it has undergone a slew of changes. Off the top of my head, I know it started on an HDD, moved to an SSD with the system reserved partition on an HDD beside it,
game hacking Bot Architecture Part 1: Threading > This is the first installment in a multi-part series about the architecture and design of XenoBot. An introduction to the series and topic is here [https://nickcano.com/bot-architecture-0/] and the next post is here [https://nickcano.com/bot-architecture-2/]. The core code of XenoBot exists withing the memory space of
game hacking Bot Architecture Part 0: Introduction > This is the introduction to a multi-part series about the architecture and design of XenoBot. You can check out the first installment here [https://nickcano.com/bot-architecture-1/]. Before I dive into the nitty-gritty of XenoBot's architecture, I think it's appropriate to introduce XenoBot at a high-level. XenoBot is a client
