[RSS] Findings Gadgets Like it's 2026

https://www.atredis.com/blog/2026/3/12/findings-gadgets-like-its-2026

Java gadget hunting with LLMs

RIP FX

We collected some texts from the community in memory of FX. You can find them here https://phenoelit.de/fx.html

[RSS] I'm so tired [of correcting quantum computing misconceptions]

https://bfswa.substack.com/p/im-so-tired

I give up: I turned the firewall back on, everything works even after I removed the previously downloaded executable o.O

got a fun reply yesterday that was like "yeah I can't believe people are taking such a lax approach to verifying the behaviour of software especially if they use LLMs. we never would have done this when I worked at <well known arms manufacturer>"

"The windows firewall can block named pipes even when they are only used for inter-process communication on the same machine." - OK this may be related. Also, WTF?

Source:
https://superuser.com/questions/462443/what-are-reasons-for-local-windows-named-pipes-to-fail

Now I'm in a nasty rabbit hole, because the Zed server doesn't seem to use /TCP/UDP connections, yet it is somehow affected by the firewall...

Managed to set up cross-platform #Rust development environment with @zed using Windows as a remote host. Some tips:

* You have to let Zed proxy through the Windows firewall (I just disabled it as usual, since this is a lab network)
* The default cmd.exe shell doesn't seem to work with remote tasks (I suspect character escaping error), you have to explicitly set powershell.exe

I was initially concerned about usual Windows SSH shenanigans, but surprisingly my config (with jumphost and an agent) worked flawlessly from Linux.

h/t @raptor for the tip!

Frida 17.8.0 dropped with frida-strace syscall tracing on Android & iOS, no jailbreak required 🙌 https://github.com/frida/frida/releases/tag/17.8.2

"Justice is what love looks like in public." Via Natalie Foster and Cornel West, commissioned by me through Clay Graham Art https://www.claygrahamart.com/products/robo-justice-battle-damage-variant-matte-poster

A very detailed tutorial from "Joaquin Pinillos"

Walk x86-64 page tables by hand in qemu and gdb. Decompose a virtual address, follow cr3 through all levels of physical memory, and extract a flag from raw bytes.

https://github.com/jazho76/page_table_walk

#reverseengineering #linux #ctf

@stf gotcha, I think this is in part the balancing I mentioned, "Facebook style" (some constructs feel much weirder on substack than on FB, no clue why), and a common mistake of trying to translate everything to HU. With those updates a minor breakdown may also play a part...

@stf https://hvg.hu/itthon/20260314_az-mcc-oroszorszag-kutatoja-szerint-peldatlan-orosz-muvelet-zajlik-a-magyar-valasztasok-befolyasolasara

@stf I fount it from HVG, you can find an analysis there.

@stf I'm not sure if you are talking about the same "feeling", but the guy works at MCC and I only felt that he was _really_ careful at choosing his language. There are also some minor differences in editing (parenthesis for example), but I haven't compared the two versions.

Battlefield: Budapest - An Unprecedented Russian Operation to Influence the Hungarian Elections

https://eurazsiaijegyzetek.substack.com/p/battlefield-budapest-an-unprecedented

@raptor I wonder how they chose the name though...

@raptor remote dev sounds really useful for xplatform dev too, RR had trouble with that!

RegPwn was a Windows 0-day that we were using for LPE in our Red Team for a year (discovered by Filip D. In January 2025). Unfortunately it got fixed 🥲

Good bye RegPwn 🫡

https://www.mdsec.co.uk/2026/03/rip-regpwn/