Hopelessly passionate husband, engineer, hacker, gamer, and artist.

  1. The SMB3 Input Polling Glitch

    In addition to tracking down how the fireball works in SMB3, dwangoAC has also asked me to give my interpretation of how the bug works in the recent SMB3 TAS run. This is all of my analysis after having spent many hours playing with it in a debugger.

  2. Reversing SMB3's Fireballs

    I was recently asked by dwangoAC to determine where the code that handles drawing the fireball sprite in Super Mario Bros. 3 for the NES is located. I wanted to quickly document the work I did in case this is useful for anyone else in the future. For the work below, I used FCEUX to execute my SMB3 ROM and step/trace what I needed. I also used Binary Ninja to disassemble the ROM and mark it up in a way that would help me understand what was going on.

  3. My CSAW 2016 Recon Challenge

    I had a ton of questions about my reconnaissance challenge in this year's CSAW Qualifiers, so I decided to write it up. Unlike other write-ups, this will offer multiple solutions (if I had them). In other words, this is how I thought people could solve the challenge.

  4. How Not To Solve a CTF Challenge II

    I had to head into work this weekend to prepare for some upcoming travel, so I originally had no plans to play any CTFs. But, when Skolor told me there was a Ruby challenge in the Tokyo Westerns CTF 2016, I knew I had to check it out. Despite my insistence that Ruby is better than Python, I always seem to struggle with Ruby challenges. Sadly, this one was no different...

  5. DEFCON 15: kimjong

    DEFCON 15's kimjong service is one of my favorites. When I was part of the Whitehatters Computer Security Club at USF, it was the first "real" CTF binary I had experience with. It's also very simple and "textbook", which makes it a great introductory challenge.