TMZ Lair - Underground Coding

Linux.Fe2O3: a Rust virus

4 minute read Published:

Simple prepender virus written in Rust
Overview Everytime I try to learn a new programming language, I try by port my prependers (Linux.Zariche, Linux.Liora, Linux.Cephei). Despite the code simplicity , it gives me the chance to understand very useful things in a language, like error handling, file i/o, encryption, memory and a few of its core libraries. This time, Rust is the language and I must say that I was impressed by its compiler and error handling, but the syntax is still not 100% clear to me (as you can see from my rudimentar code in Linux.

Linux ELF Runtime Crypter

6 minute read Published:

A Simple Linux ELF Runtime Crypter Using memfd_create Syscall
"Even for Elves, they were stealthy little twerps. They'd taken our measure before we'd even seen them." — Marshall Volnikov Last month I wrote a post about the memfd_create syscall and left some ideas in the end. Today I’m here to show an example of such ideas implemented in an ELF runtime crypter (kinda lame, I know but good for this demonstration). What is it? Glad you asked.

Running ELF executables from memory

7 minute read Published:

Executing ELF binary files from memory with memfd_create syscall
Something that always fascinated me was running code directly from memory. From Process Hollowing (aka RunPE) to PTRACE injection. I had some success playing around with it in C in the past, without using any of the previous mentioned methods, but unfortunately the code is lost somewhere in the forums of VXHeavens (sadly no longer online) but the code was buggy and worked only with Linux 32bit systems (I wish I knew about shm_open back then, which is sort of an alternative for the syscall we are using in this post, mainly targeting older systems where memfd_create is not available).

Lenovo Thinkpad E485 Review

5 minute read Published:

This is my honest, much needed and unbiased review of the new (budget) Lenovo Thinkpad E485 with AMD Ryzen (Raven Ridge) APU
Last year I built a PC with a AMD Ryzen 5 1600 and I was truly impressed. Then now its time for me to get a new laptop and it was only natural to look for something that had AMD in it. I am very excited for my first Thinkpad, I even starting writing the same day as I ordered the unit (which took its damn time to be delived.

Return to Crunchbang With OpenSUSE and Openbox

3 minute read Published:

Giving Crunchbang's look to your OpenSUSE Openbox installation.
I’ve been running OpenSUSE (Tumbleweed) for some years now and KDE was my Desktop Environment of choice since years ago but before that, I was a die hard user of the Crunchbang (#!) Linux distro, which featured an awesome gray Openbox desktop. The simplicity Crunchbang offered is something that I missed during the years and after I found out that the community had revived the project in the for of Crunchbangplusplus and also Bunsenlabs, I just had to try it again but this time OpenSUSE Tumbleweed was my choice, instead of the good old Debian.

Yet Another Weather Indicator

3 minute read Published:

A simple GTK weather indicator written in Go because why not.
Recently I started using Openbox as my WM again (after a long time with KDE, the nostalgia hit me). After I had everything working as I wanted to, I noticed the lack of a weather indicator in my systray. Usually, the desktop environments I have used (Gnome, KDE, Mate) have some sort of applet for this included and I really never bothered (when I was using Openbox before, I had some hacky script that would display the weather in my tint2, but I can’t find it anymore).