Project: mpengine-x64-pdb 1.1.24090.11
File: mpengine.dll
Address: 75a3d13a8
GetVolumeGuid
SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75a3d13a8.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75a3d13a8.json&colors=light
Project: mpengine-x64-pdb 1.1.24090.11
File: mpengine.dll
Address: 75ac7c698
Add
SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75ac7c698.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75ac7c698.json&colors=light
my name is `adduser`
and my brother's `useradd`
one of us is good
and one of us is bad!
which of us is which?
there is no way to know
we change names sometimes
to keep you on your toes!
FuuuUUUuuuck Cancer.
Just learned that Amit Yoran has passed.
He was a friend, and a long-time supporter of @SecurityBSidesGlobal from the early days of NetWitness through his leadership at Tenable.
Fuckity fuck fuck, would y'all stop dying and shit? Please?
I was forwarded this screenshot and it just is living rent free in my head right now.
As part of the 20th anniversary of the BBS Documentary's release, I've ripped the 3 DVDs that were included in the project and have them hosted at Internet Archive. These ISO files can be played in the VLC player like DVDs, and include all bonus features, subtitles, director's commentary, etc.
I read a paper book about a subject yesterday and it was ✨amazing✨ 10/10 would recommend trying books.
They look kinda like this emoji you might have seen: 📖
At no point did the book scold me because I have a whole-house ad blocker.
At no point did the book invite me to set up an account to continue reading.
At the end of the book, it simply ended, without immediately showing me additional, less relevant books.
Books. On paper! Who knew?
KernelSnitch: Side-Channel Attacks on Kernel Data Structures
Paper by Lukas Maar et al. about using a timing side-channel for leaking addresses of exploitation-relevant kernel structures.
The stream will be live soon at https://youtube.com/live/q6KgFezu8tw?feature=share
btw (on arm64)
Hyper-V from Windows 11 version 22H2/23H2 works without (and does not use) VHE
From version 24H2 onwards VHE is mandatory. Those releases also have ARMv8.1-A atomics and RCpc from ARMv8.3-A as required.
I love this so much, this is literally the physical form of a workaround that's grown to meet enterprise demands.
This is literally, physically, what developers mean when they talk about "tech debt".
Have a great weekend and enjoy some tunes:
I will stream in 8h about the basics of the PDF format, teaching how to make a basic PDF from scratch.
This is an easy-level introduction to the PDF [portable document format], aimed at all audiences: infosec, but also digipres, DFIR, and others.
This will not cover complex cases, polyglots, abuses or exploits.
That will come next, but this stream is the start on the topic.
The stream will be recorded and available publicly.