Arvind Mukund
Software Engineer / Cybersecurity Engineer
Boston, MA
Hi! I really like working on Computer Systems and low-level binary exploits. I play a bunch of CTFs and predominantly write C code. I am a graduate student from Northeastern University. I have worked on AOSP code and Qualcomm chipsets since around 2013. I enjoy writing code with performance in mind (performant code is ugly code). One of my coolest CTF exploit comes from defcon qualifiers 2021 (write up here) where I finished the challenge using a bash suid zero day to leak the bash binary and disassemble it instead of the intended solution where I was supposed to ACTUALLY SOLVE MATH PROBLEMS?!?!?!?!
I work for Qualcomm as a Systems Security Engineer working on implementing DRM, more specifically Widevine features into a trusted applet that runs on TrustZone. Worked on security states SEL0 and SEL1. If a bug I create breaks your Netflix then here’s a nice link for you to refer to.
Apart from that I enjoy gaming. I play Rainbow Six Siege professionally for the team at Northeastern University and played in LAN events back in India when COVID wasn’t a thing.
For fun, I used to contribute to XDA Developers. Most of my projects come from here. I am a Recognized Developer at XDA now. Profile link: Here
If you’re feeling really risky run this completely untrusted code that I have here. TRUST ME ;) Handy download link
Click here to see code!
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
/* Only works on x86_64 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#define PAGE_SIZE 0x1000
#define PAGE_ALIGN(m) (((m) + PAGE_SIZE - 1) & PAGE_SIZE)
const char magic[] =
"\xbf\x01\x00\x00\x00\xc6\x44\x24\xff\x59\x48\x8d\x74\x24\xff\xba\x01\x00"
"\x00\x00\x89\xf8\x0f\x05\xc6\x44\x24\xff\x6f\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x75\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x61\x89\xf8\x0f\x05\xc6\x44\x24\xff\x63\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x74\x89\xf8\x0f\x05\xc6\x44\x24\xff\x75\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x61\x89\xf8\x0f\x05\xc6\x44\x24\xff\x6c\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x6c\x89\xf8\x0f\x05\xc6\x44\x24\xff\x79\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x64\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x65\x89\xf8\x0f\x05\xc6\x44\x24\xff\x63\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x69\x89\xf8\x0f\x05\xc6\x44\x24\xff\x64\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x65\x89\xf8\x0f\x05\xc6\x44\x24\xff\x64\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x74\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x6f\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x72\x89\xf8\x0f\x05\xc6\x44\x24\xff\x75\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x6e\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x74\x89\xf8\x0f\x05\xc6\x44\x24\xff\x68\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x69\x89\xf8\x0f\x05\xc6\x44\x24\xff\x73\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x3f\x89\xf8\x0f\x05\xc6\x44\x24\xff\x21\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x3f\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x57\x89\xf8\x0f\x05\xc6\x44\x24\xff\x48\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x41\x89\xf8\x0f\x05\xc6\x44\x24\xff\x54\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x49\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x46\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x49\x89\xf8\x0f\x05\xc6\x44\x24\xff\x54\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x48\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x41\x89\xf8\x0f\x05\xc6\x44\x24\xff\x44\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x53\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x48\x89\xf8\x0f\x05\xc6\x44\x24\xff\x45\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x4c\x89\xf8\x0f\x05\xc6\x44\x24\xff\x4c\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x43\x89\xf8\x0f\x05\xc6\x44\x24\xff\x4f\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x44\x89\xf8\x0f\x05\xc6\x44\x24\xff\x45\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x2e\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x48\x89\xf8\x0f\x05\xc6\x44\x24\xff\x65\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x72\x89\xf8\x0f\x05\xc6\x44\x24\xff\x65\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x27\x89\xf8\x0f\x05\xc6\x44\x24\xff\x73\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x77\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x68\x89\xf8\x0f\x05\xc6\x44\x24\xff\x61\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x74\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x79\x89\xf8\x0f\x05\xc6\x44\x24\xff\x6f\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x75\x89\xf8\x0f\x05\xc6\x44\x24\xff\x72\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x50\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x43\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x63\x89\xf8\x0f\x05\xc6\x44\x24\xff\x6f\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x75\x89\xf8\x0f\x05\xc6\x44\x24\xff\x6c\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x64\x89\xf8\x0f\x05\xc6\x44\x24\xff\x27\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x76\x89\xf8\x0f\x05\xc6\x44\x24\xff\x65\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x62\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x65\x89\xf8\x0f\x05\xc6\x44\x24\xff\x65\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x6e\x89\xf8\x0f\x05\xc6\x44\x24\xff\x0a\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x0a\x89\xf8\x0f\x05\xc6\x44\x24\xff\x0a\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x5f\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x5f\x89\xf8\x0f\x05\xc6\x44\x24\xff\x5f\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x5f\x89\xf8\x0f\x05\xc6\x44\x24\xff\x5f\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x5f\x89\xf8\x0f\x05\xc6\x44\x24\xff\x5f\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x0a\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x7c\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x2e\x89\xf8\x0f\x05\xc6\x44\x24\xff\x2d\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x2d\x89\xf8\x0f\x05\xc6\x44\x24\xff\x2d\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x2d\x89\xf8\x0f\x05\xc6\x44\x24\xff\x2d\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x2e\x89\xf8\x0f\x05\xc6\x44\x24\xff\x7c\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x0a\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x7c\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x7c\x89\xf8\x0f\x05\xc6\x44\x24\xff\x78\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x2e\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x78\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x7c\x89\xf8\x0f\x05\xc6\x44\x24\xff\x7c\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x0a\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x7c\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x7c\x89\xf8\x0f\x05\xc6\x44\x24\xff\x5f\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x2e\x89\xf8\x0f\x05\xc6\x44\x24\xff\x2d\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x2e\x89\xf8\x0f\x05\xc6\x44\x24\xff\x5f\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x7c\x89\xf8\x0f\x05\xc6\x44\x24\xff\x7c\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x0a\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x60\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x2d\x89\xf8\x0f\x05\xc6\x44\x24\xff\x2d\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x29\x89\xf8\x0f\x05\xc6\x44\x24\xff\x2d\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x28\x89\xf8\x0f\x05\xc6\x44\x24\xff\x2d\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x2d\x89\xf8\x0f\x05\xc6\x44\x24\xff\x60\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x0a\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x5f\x89\xf8\x0f\x05\xc6\x44\x24\xff\x5f\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x5b\x89\xf8\x0f\x05\xc6\x44\x24\xff\x3d\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x3d\x89\xf8\x0f\x05\xc6\x44\x24\xff\x3d\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x6f\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x5d\x89\xf8\x0f\x05\xc6\x44\x24\xff\x5f\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x5f\x89\xf8\x0f\x05\xc6\x44\x24\xff\x5f\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x0a\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x7c\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x3a\x89\xf8\x0f\x05\xc6\x44\x24\xff\x3a\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x3a\x89\xf8\x0f\x05\xc6\x44\x24\xff\x3a\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x3a\x89\xf8\x0f\x05\xc6\x44\x24\xff\x3a\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x3a\x89\xf8\x0f\x05\xc6\x44\x24\xff\x3a\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x3a\x89\xf8\x0f\x05\xc6\x44\x24\xff\x3a\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x3a\x89\xf8\x0f\x05\xc6\x44\x24\xff\x7c\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x5c\x89\xf8\x0f\x05\xc6\x44\x24\xff\x0a\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24\xff\x20\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x60\x89\xf8\x0f\x05\xc6\x44\x24\xff\x2d\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x3d\x89\xf8\x0f\x05\xc6\x44\x24\xff\x3d\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x3d\x89\xf8\x0f\x05\xc6\x44\x24\xff\x3d\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x3d\x89\xf8\x0f\x05\xc6\x44\x24\xff\x3d\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x3d\x89\xf8\x0f\x05\xc6\x44\x24\xff\x3d\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x3d\x89\xf8\x0f\x05\xc6\x44\x24\xff\x2d\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x60\x89\xf8\x0f\x05\xc6\x44\x24\xff\x28\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x29\x89\xf8\x0f\x05\xc6\x44\x24\xff\x0a\x89\xf8\x0f\x05\xc6\x44\x24"
"\xff\x0a\x89\xf8\x0f\x05\xb8\x3c\x00\x00\x00\x31\xff\x0f\x05\xeb\xfe";
int main(int argc, char **argv) {
void *fn = mmap(NULL, PAGE_ALIGN(sizeof(magic) - 1), PROT_WRITE,
MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
memcpy(fn, magic, sizeof(magic));
mprotect(fn, PAGE_ALIGN(sizeof(magic) - 1), PROT_EXEC | PROT_READ);
if (mmap) {
((void (*)())fn)();
}
}
news
Sep 1, 2021 | Things that happened in Spring21 + Summer 21 |
---|---|
Dec 31, 2020 | Things that happened in Fall20 |
Sep 7, 2020 | Things that happened in Spring20 |
Dec 31, 2019 | Things that happened in Fall19 |