nganhkhoa/website
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

code format

Browse Source
This commit is contained in:
nganhkhoa 2025-01-03 18:19:48 -06:00
parent 224520740b
commit 4efdae3a4f
10 changed files with 434 additions and 294 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
app/Header.elm
View File

@ -1,19 +1,31 @@
module Header exposing (header)
import Html.Styled exposing (..)
import Html.Styled.Attributes exposing (style, target, src, class)
import Route
import Html.Styled.Attributes exposing (class, src, style, target)
import Link exposing (Link)
import Route
header = p [ style "display" "flex", style "flex-direction" "row", style "justify-content" "flex-start" ]
[ p [ style "margin-right" "1rem" ] [ home ]
, p [ style "margin-right" "1rem" ] [ blog ]
, p [ style "margin-right" "1rem" ] [ book ]
, p [ style "margin-right" "1rem" ] [ cv ]
]
home = Link.link (Link.internal (Route.Index)) [] [ text "Home" ]
blog = Link.link (Link.internal (Route.Blog__Slug_ { slug = "" })) [] [ text "Blog" ]
book = Link.link (Link.internal (Route.Book)) [] [ text "Book" ]
cv = Link.link (Link.external "/cv.pdf") [ target "_blank" ] [ text "CV" ]
header =
p [ style "display" "flex", style "flex-direction" "row", style "justify-content" "flex-start" ]
[ p [ style "margin-right" "1rem" ] [ home ]
, p [ style "margin-right" "1rem" ] [ blog ]
, p [ style "margin-right" "1rem" ] [ book ]
, p [ style "margin-right" "1rem" ] [ cv ]
]
home =
Link.link (Link.internal Route.Index) [] [ text "Home" ]
blog =
Link.link (Link.internal (Route.Blog__Slug_ { slug = "" })) [] [ text "Blog" ]
book =
Link.link (Link.internal Route.Book) [] [ text "Book" ]
cv =
Link.link (Link.external "/cv.pdf") [ target "_blank" ] [ text "CV" ]

50
app/Route/Blog.elm
View File

@ -7,23 +7,21 @@ import FatalError exposing (FatalError)
import Head
import Head.Seo as Seo
import Html.Styled exposing (..)
import Html.Styled.Attributes exposing (style, class)
import Html.Styled.Attributes exposing (class, style)
import Json.Decode as Decode exposing (Decoder)
import Json.Decode.Extra
import Link
import Markdown.Block
import Markdown.Renderer
import MarkdownCodec
import Pages.Url
import PagesMsg exposing (PagesMsg)
import Route exposing (Route)
import RouteBuilder exposing (App, StatelessRoute)
import Shared
import View exposing (View)
import Link
import Markdown.Block
import Markdown.Renderer
import MarkdownCodec
import TailwindMarkdownRenderer
import Tailwind.Utilities as Tw
import TailwindMarkdownRenderer
import View exposing (View)
type alias Model =
@ -33,9 +31,11 @@ type alias Model =
type alias Msg =
()
type alias RouteParams =
{}
route : StatelessRoute RouteParams Data ActionData
route =
RouteBuilder.single
@ -46,7 +46,8 @@ route =
type alias Data =
List (Route, Article.ArticleMetadata)
List ( Route, Article.ArticleMetadata )
type alias ActionData =
{}
@ -55,7 +56,8 @@ type alias ActionData =
data : BackendTask FatalError Data
data =
Article.blogAllMetadata
|> BackendTask.allowFatal
|> BackendTask.allowFatal
head :
App Data ActionData RouteParams
@ -91,23 +93,27 @@ view app shared =
, text " "
, Link.link (Link.internal (Route.Osx__Slug_ { slug = "" })) [] [ text "series" ]
, text " "
, text "about the Mach-O binary format, used in Apple devices." ]
, text "about the Mach-O binary format, used in Apple devices."
]
, div [] (app.data |> List.map renderBlogItem)
]
]
}
renderBlogItem : (Route, Article.ArticleMetadata) -> Html msg
renderBlogItem (route_, article) =
renderBlogItem : ( Route, Article.ArticleMetadata ) -> Html msg
renderBlogItem ( route_, article ) =
div []
[ Link.link (Link.internal route_) [ style "text-decoration" "none" ]
[ ul
[]
[ li []
[ h3 [] [ text article.title ]
, p [] [ text article.subtitle ]
[ Link.link (Link.internal route_)
[ style "text-decoration" "none" ]
[ ul
[]
[ li []
[ h3 [] [ text article.title ]
, p [] [ text article.subtitle ]
]
]
]
-- , span [ class "marginnote", style "margin-right" "0" ] [ text (Date.toIsoString article.published) ]
]
-- , span [ class "marginnote", style "margin-right" "0" ] [ text (Date.toIsoString article.published) ]
]

23
app/Route/Blog/Slug_.elm
View File

@ -7,23 +7,21 @@ import FatalError exposing (FatalError)
import Head
import Head.Seo as Seo
import Html.Styled exposing (..)
import Html.Styled.Attributes exposing (style, class)
import Link exposing (Link)
import Html.Styled.Attributes exposing (class, style)
import Json.Decode as Decode exposing (Decoder)
import Json.Decode.Extra
import Link exposing (Link)
import Markdown.Block
import Markdown.Renderer
import MarkdownCodec
import Pages.Url
import PagesMsg exposing (PagesMsg)
import Route
import RouteBuilder exposing (App, StatelessRoute)
import Shared
import View exposing (View)
import Markdown.Block
import Markdown.Renderer
import MarkdownCodec
import TailwindMarkdownRenderer
import Tailwind.Utilities as Tw
import TailwindMarkdownRenderer
import View exposing (View)
type alias Model =
@ -64,6 +62,7 @@ type alias Data =
, body : List Markdown.Block.Block
}
type alias ActionData =
{}
@ -81,6 +80,7 @@ type alias ArticleMetadata =
, subtitle : String
, description : String
, published : Date
-- , image : Pages.Url.Url
, draft : Bool
}
@ -111,6 +111,7 @@ frontmatterDecoder =
|> Decode.map (Maybe.withDefault False)
)
head :
App Data ActionData RouteParams
-> List Head.Tag
@ -136,7 +137,9 @@ view :
-> Shared.Model
-> View (PagesMsg Msg)
view app shared =
let rendered = (app.data.body |> Markdown.Renderer.render TailwindMarkdownRenderer.renderer) |> Result.withDefault []
let
rendered =
(app.data.body |> Markdown.Renderer.render TailwindMarkdownRenderer.renderer) |> Result.withDefault []
in
{ title = app.data.metadata.title
, body =

25
app/Route/Book.elm
View File

@ -10,20 +10,18 @@ import Html.Styled exposing (..)
import Html.Styled.Attributes as Attributes
import Json.Decode as Decode exposing (Decoder)
import Json.Decode.Extra
import Link
import Markdown.Block
import Markdown.Renderer
import MarkdownCodec
import Pages.Url
import PagesMsg exposing (PagesMsg)
import Route exposing (Route)
import RouteBuilder exposing (App, StatelessRoute)
import Shared
import View exposing (View)
import Link
import Markdown.Block
import Markdown.Renderer
import MarkdownCodec
import TailwindMarkdownRenderer
import Tailwind.Utilities as Tw
import TailwindMarkdownRenderer
import View exposing (View)
type alias Model =
@ -33,9 +31,11 @@ type alias Model =
type alias Msg =
()
type alias RouteParams =
{}
route : StatelessRoute RouteParams Data ActionData
route =
RouteBuilder.single
@ -46,7 +46,8 @@ route =
type alias Data =
List (Route, Article.ArticleMetadata)
List ( Route, Article.ArticleMetadata )
type alias ActionData =
{}
@ -55,7 +56,8 @@ type alias ActionData =
data : BackendTask FatalError Data
data =
Article.osxAllMetadata
|> BackendTask.allowFatal
|> BackendTask.allowFatal
head :
App Data ActionData RouteParams
@ -218,4 +220,5 @@ view app shared =
}
linkexternal src title = Link.link (Link.external src) [Attributes.target "_blank"] [text title]
linkexternal src title =
Link.link (Link.external src) [ Attributes.target "_blank" ] [ text title ]

424
app/Route/Index.elm
View File

@ -5,14 +5,14 @@ import FatalError exposing (FatalError)
import Head
import Head.Seo as Seo
import Html.Styled exposing (..)
import Html.Styled.Attributes exposing (style, target, src, class)
import Html.Styled.Attributes exposing (class, src, style, target)
import Link exposing (Link)
import Pages.Url
import PagesMsg exposing (PagesMsg)
import UrlPath
import Route
import RouteBuilder exposing (App, StatelessRoute)
import Shared
import UrlPath
import View exposing (View)
@ -77,152 +77,164 @@ withSpacing : (List (Html msg) -> Html msg) -> List (Html msg) -> Html msg
withSpacing element =
List.intersperse (text " ") >> element
view :
App Data ActionData RouteParams
-> Shared.Model
-> View (PagesMsg Msg)
view app shared =
{ title = "nganhkhoa"
, body = [ article [ class "paperlike" ]
[ -- header
h1 [] [ text "Me" ]
, body =
[ article [ class "paperlike" ]
[ -- header
h1 [] [ text "Me" ]
, section []
[
p []
[ text "I am a Security Engineer. My expertise lies in many parts of binary and program analysis. In the past, I have done works on many technical aspect. I believe that most complex parts of Computer Science can be broken down into bytes and bits."
, span [ class "marginnote" ] [ img [ src "/nganhkhoa.png" ] [] ]
[ p []
[ text "I am a Security Engineer. My expertise lies in many parts of binary and program analysis. In the past, I have done works on many technical aspect. I believe that most complex parts of Computer Science can be broken down into bytes and bits."
, span [ class "marginnote" ] [ img [ src "/nganhkhoa.png" ] [] ]
]
, p []
[ text "I also enjoy deep research. I have done a few research deeply on memory forensics and binary formats. I write papers about my research, but as an unexperienced researcher, I am still struggling to get them published."
]
, p []
[ text "I currently work at"
, text " "
, quicklinks "verichains" "Verichains"
, label [ class "sidenote-number" ] []
, span [ class "sidenote" ] [ text "A security company with renowned reputation." ]
, text ", before that, I was working under"
, text " "
, quicklinks "bshield" "BShield"
, label [ class "sidenote-number" ] []
, span [ class "sidenote" ] [ text "A mobile protection platform." ]
, text "."
, text " "
, text "BShield is now under Verichains, serving as the product of Verichains. My work including research for both Verichains and BShield, blockchain and mobile security."
]
, p []
[ text "I was an active member of"
, text " "
, quicklinks "efiens" "Efiens"
, label [ class "sidenote-number" ] []
, span [ class "sidenote" ] [ text "CTF team of Ho Chi Minh University of Technology, Vietnam. Our team has won prizes in national and international competitions. Founded 2016, inactive since 2021, superceeded by", text " ", quicklinks "bkisc" "BKISC", text "." ]
, text "."
, text " "
, text "While a member, I actively play CTF under the category Reverse Engineering. I became a leader in the later days of the team, guiding young members into CTF and Computer Security."
]
, p []
[ text "I also have strong interest in Programming Language Theory, and its related fields. I currently working my way through many resources to gain knowledge around these research areas. The field is absurbly big, which is why I keep my own resource"
, text " "
, quicklinks "https://www.remnote.com/a/Programming-Language-Theory/666e6d5e5695861cc2deda4b" "here"
, text "."
]
]
, p []
[ text "I also enjoy deep research. I have done a few research deeply on memory forensics and binary formats. I write papers about my research, but as an unexperienced researcher, I am still struggling to get them published."
]
, p []
[ text "I currently work at", text " "
, quicklinks "verichains" "Verichains"
, label [ class "sidenote-number" ] []
, span [ class "sidenote" ] [ text "A security company with renowned reputation." ]
, text ", before that, I was working under", text " "
, quicklinks "bshield" "BShield"
, label [ class "sidenote-number" ] []
, span [ class "sidenote" ] [ text "A mobile protection platform." ]
, text ".", text " "
, text "BShield is now under Verichains, serving as the product of Verichains. My work including research for both Verichains and BShield, blockchain and mobile security."
]
, p []
[ text "I was an active member of", text " "
, quicklinks "efiens" "Efiens"
, label [ class "sidenote-number" ] []
, span [ class "sidenote" ] [ text "CTF team of Ho Chi Minh University of Technology, Vietnam. Our team has won prizes in national and international competitions. Founded 2016, inactive since 2021, superceeded by", text " ", quicklinks "bkisc" "BKISC", text "." ]
, text ".", text " "
, text "While a member, I actively play CTF under the category Reverse Engineering. I became a leader in the later days of the team, guiding young members into CTF and Computer Security."
]
, p []
[ text "I also have strong interest in Programming Language Theory, and its related fields. I currently working my way through many resources to gain knowledge around these research areas. The field is absurbly big, which is why I keep my own resource"
, text " "
, quicklinks "https://www.remnote.com/a/Programming-Language-Theory/666e6d5e5695861cc2deda4b" "here"
, text "."
]
]
, h1 [] [ text "Projects" ]
, section []
[ p []
[ text "I have worked on multiple technologies in Computer Science, including compliers, memory forensics, Windows internal, Linux system, NFC card, cryptography, binary formats. Across the years, I have also read many big codebases of big projects. The following list shows my past projects over the years"
, label [ class "sidenote-number" ] []
, span [ class "sidenote" ] [ text "LLVM, Volatility, dyld3, objc4, QEMU" ]
, text "."
[ p []
[ text "I have worked on multiple technologies in Computer Science, including compliers, memory forensics, Windows internal, Linux system, NFC card, cryptography, binary formats. Across the years, I have also read many big codebases of big projects. The following list shows my past projects over the years"
, label [ class "sidenote-number" ] []
, span [ class "sidenote" ] [ text "LLVM, Volatility, dyld3, objc4, QEMU" ]
, text "."
]
, projects
, publications
, blabla
]
, projects
, publications
, blabla
]
]]
]
}
projects : Html msg
projects =
div []
[ section []
[ h2 [] [text "TSSHOCK"]
, p []
[ text "I was a part of the team that helped unveiling the vulnerabilities in many implementations of ECDSA Threshold Signature Scheme protocol by Gennaro and Goldfeder"
, label [ class "sidenote-number" ] []
, span [ class "sidenote" ] [ text "In public key cryptosystem, signing messages usually involves one party with one private key. Threshold Signature Scheme allows more than one party to participate to the signing process while keeping only one private key used. Missing a signing party would be impossible to sign messages. Across the whole process, the private key is kept unknown to all parties. Gennaro and Goldfeder (GG18/GG20) proposed a protocol, which is now superceeded by MPC-CMP." ]
, text ".", text " "
, text "Our findings was publicly announced and published at two major security conventions,"
, text " ", quicklinks "tsshockblackhat" "Black Hat USA 2023"
, text " ", text "and"
, text " ", quicklinks "tsshockhitb" "Hack In The Box Phuket 2023"
, label [ class "sidenote-number" ] []
, span [ class "sidenote" ]
[ text "Duy Hieu Nguyen, Anh Khoa Nguyen, Huu Giap Nguyen, Thanh Nguyen and Anh Quynh Nguyen. TSSHOCK: Breaking MPC Wallets and Digital Custodians for $BILLION$ Profit. 2023"
[ section []
[ h2 [] [ text "TSSHOCK" ]
, p []
[ text "I was a part of the team that helped unveiling the vulnerabilities in many implementations of ECDSA Threshold Signature Scheme protocol by Gennaro and Goldfeder"
, label [ class "sidenote-number" ] []
, span [ class "sidenote" ] [ text "In public key cryptosystem, signing messages usually involves one party with one private key. Threshold Signature Scheme allows more than one party to participate to the signing process while keeping only one private key used. Missing a signing party would be impossible to sign messages. Across the whole process, the private key is kept unknown to all parties. Gennaro and Goldfeder (GG18/GG20) proposed a protocol, which is now superceeded by MPC-CMP." ]
, text "."
, text " "
, text "Our findings was publicly announced and published at two major security conventions,"
, text " "
, quicklinks "tsshockblackhat" "Black Hat USA 2023"
, text " "
, text "and"
, text " "
, quicklinks "tsshockhitb" "Hack In The Box Phuket 2023"
, label [ class "sidenote-number" ] []
, span [ class "sidenote" ]
[ text "Duy Hieu Nguyen, Anh Khoa Nguyen, Huu Giap Nguyen, Thanh Nguyen and Anh Quynh Nguyen. TSSHOCK: Breaking MPC Wallets and Digital Custodians for $BILLION$ Profit. 2023"
]
, text "."
]
]
, section []
[ h2 [] [ text "Vietnam Citizen Card Audits" ]
, p []
[ text "I was working on an application using our country citizen card when I realized that many (in production) NFC eKYC applications might not working properly because they lack the understanding of cryptographic protocols required for securely communication with the NFC card. My team and I built a simulation device for the ICAO 9303"
, label [ class "sidenote-number" ] []
, span [ class "sidenote" ]
[ text "Doc 9303: Machine Readable Travel Documents. ICAO."
]
, text " "
, text "and conducting security analysis of government applications."
, text " "
, text "This work is the preliminary research for our BShield Secure-ID product, which helps secure the NFC scanning of citizen card, assuring genuine information."
]
]
, section []
[ h2 [] [ text "Research Mach-O binary format" ]
, p []
[ text "Mach-O is the binary format used exclusively in Apple devices. I started researching about this format when I first joined BShield. I had an idea back then about how we can simulate the loader to control imports. Years later, I build a Proof of Concept around the idea. Using loader simulation, we can build an obfuscator or a hooking tool. Details are disclosed in the paper."
]
]
, section []
[ h2 [] [ text "LLVM based Obfuscation" ]
, p []
[ text "I fork and built an obfuscator based on LLVM, first mentioned in Obfuscator-LLVM"
, label [ class "sidenote-number" ] []
, span [ class "sidenote" ]
[ text "Pascal Junod and Julien Rinaldini and Johan Wehrli and Julie Michielin. Obfuscator-LLVM -- Software Protection for the Masses. 2015."
]
, text "."
, text " "
, text "With my team, we ported Mixed Boolean-Arithmetic"
, label [ class "sidenote-number" ] []
, span [ class "sidenote" ]
[ text "Yongxin Zhou, Alec Main, Yuan X. Gu, and Harold Johnson. Information Hiding in Software with Mixed Boolean-Arithmetic Transforms. In Proceedings of the 8th International Conference on Information Security Applications (WISA07), 2007."
]
, text " "
, text "to be used in the obfuscator, which has not been previously discussed in the original implementation of Obfuscator-LLVM. Other ideas were also implemented. We also update to use LLVM 14, with the support for new pass manager alongside the legacy pass manager. A CTF challenge was released obfuscated using this obfuscator in"
, text " "
, quicklinks "tetctf2022" "TetCTF 2022"
, text "."
]
]
, section []
[ h2 [] [ text "Windows Live Memory Forensics" ]
, p []
[ text "My first research project started as a bachelor thesis. I built a memory forensics tool working on virtual memory. For the success of this project, I have learned Windows kernel driver, memory forensics techniques, and studied the Volatility source code. The prototype was capable of inspecting the kernel memory, viewing kernel global variables, and perform Pool Tag Quick Scanning"
, label [ class "sidenote-number" ] []
, span [ class "sidenote" ]
[ text "Joe T. Sylve, Vico Marziale, Golden G. Richard. Pool tag quick scanning for windows memory analysis. 2016."
]
, text "."
, text " "
, text "The work is later improved to search for code injection by my junior in Efiens."
]
, text "."
]
]
, section []
[ h2 [] [text "Vietnam Citizen Card Audits"]
, p []
[ text "I was working on an application using our country citizen card when I realized that many (in production) NFC eKYC applications might not working properly because they lack the understanding of cryptographic protocols required for securely communication with the NFC card. My team and I built a simulation device for the ICAO 9303"
, label [ class "sidenote-number" ] []
, span [ class "sidenote" ]
[ text "Doc 9303: Machine Readable Travel Documents. ICAO."
]
, text " "
, text "and conducting security analysis of government applications."
, text " "
, text "This work is the preliminary research for our BShield Secure-ID product, which helps secure the NFC scanning of citizen card, assuring genuine information."
]
]
, section []
[ h2 [] [text "Research Mach-O binary format"]
, p []
[ text "Mach-O is the binary format used exclusively in Apple devices. I started researching about this format when I first joined BShield. I had an idea back then about how we can simulate the loader to control imports. Years later, I build a Proof of Concept around the idea. Using loader simulation, we can build an obfuscator or a hooking tool. Details are disclosed in the paper."
]
]
, section []
[ h2 [] [text "LLVM based Obfuscation"]
, p []
[ text "I fork and built an obfuscator based on LLVM, first mentioned in Obfuscator-LLVM"
, label [ class "sidenote-number" ] []
, span [ class "sidenote" ]
[ text "Pascal Junod and Julien Rinaldini and Johan Wehrli and Julie Michielin. Obfuscator-LLVM -- Software Protection for the Masses. 2015."
]
, text ".", text " "
, text "With my team, we ported Mixed Boolean-Arithmetic"
, label [ class "sidenote-number" ] []
, span [ class "sidenote" ]
[ text "Yongxin Zhou, Alec Main, Yuan X. Gu, and Harold Johnson. Information Hiding in Software with Mixed Boolean-Arithmetic Transforms. In Proceedings of the 8th International Conference on Information Security Applications (WISA07), 2007."
]
, text " "
, text "to be used in the obfuscator, which has not been previously discussed in the original implementation of Obfuscator-LLVM. Other ideas were also implemented. We also update to use LLVM 14, with the support for new pass manager alongside the legacy pass manager. A CTF challenge was released obfuscated using this obfuscator in"
, text " "
, quicklinks "tetctf2022" "TetCTF 2022"
, text "."
]
]
, section []
[ h2 [] [text "Windows Live Memory Forensics"]
, p []
[ text "My first research project started as a bachelor thesis. I built a memory forensics tool working on virtual memory. For the success of this project, I have learned Windows kernel driver, memory forensics techniques, and studied the Volatility source code. The prototype was capable of inspecting the kernel memory, viewing kernel global variables, and perform Pool Tag Quick Scanning"
, label [ class "sidenote-number" ] []
, span [ class "sidenote" ]
[ text "Joe T. Sylve, Vico Marziale, Golden G. Richard. Pool tag quick scanning for windows memory analysis. 2016."
]
, text ".", text " "
, text "The work is later improved to search for code injection by my junior in Efiens."
]
]
]
publications : Html msg
publications =
section []
[ h1 [] [text "Publications"]
, p [] [
text "Most of my publications are drafts and not reviewed paper. Because I am not in an academic environment so I do not know how to publish."
]
[ h1 [] [ text "Publications" ]
, p []
[ text "Most of my publications are drafts and not reviewed paper. Because I am not in an academic environment so I do not know how to publish."
]
, withSpacing (p [])
[ text "Simulating Loader for Mach-O Binary Obfuscation and Hooking."
, text "Anh Khoa Nguyen, Thien Nhan Nguyen."
@ -250,7 +262,7 @@ publications =
, quicklinks "tsshockvideohitb" "[HITB Recordings]"
]
, br [] []
, h2 [] [text "Dissertations"]
, h2 [] [ text "Dissertations" ]
, withSpacing (p [])
[ text "After I graduated, I often advise undergraduate students on their dissertations."
, text "The list below contains my dissertation and dissertations I advised."
@ -297,6 +309,7 @@ publications =
, text "Advisors: An Khuong Nguyen, Anh Khoa Nguyen."
, br [] []
, text "Year: Expecting 2025"
-- , br [] []
-- , quicklinks "powershellsandbox" "[pdf]"
]
@ -308,11 +321,13 @@ publications =
, text "Advisors: An Khuong Nguyen, Anh Khoa Nguyen."
, br [] []
, text "Year: Expecting 2025"
-- , br [] []
-- , quicklinks "powershellsandbox" "[pdf]"
]
]
blabla : Html msg
blabla =
section []
@ -323,69 +338,140 @@ blabla =
, quicklinks "https://research.ralfj.de/thesis.html" "thesis"
, label [ class "sidenote-number" ] []
, span [ class "sidenote" ] [ text "Jung, Ralf. Understanding and evolving the Rust programming language. 2020." ]
, text ",", text " "
, text ","
, text " "
, text "I amazed how clean the text was due to all the references are introduced at the right side. Later that I found out the format was based on Tufte design and began using it for this website."
]
, p []
[ text "I use Neovim, can't live without those Vim motions. Neovim GUI that I use is"
, text " "
, quicklinks "https://neovide.dev/" "Neovide"
, text ",", text " "
, text ","
, text " "
, text "which I also contributed to add the prompts on Windows right-click menu and copy pasting while on remote connection."
]
, p []
[ text "Linux distribution that I prefer is"
, text " "
, quicklinks "https://artixlinux.org/" "Artix Linux"
, text ".", text " "
, text "I enjoy when everything is barebone and at the edge, most setup are mine and I can figure out things faster when I am the one doing the setup. I choose Artix over the vanila Arch Linux because does there is no systemd." ]
, text "."
, text " "
, text "I enjoy when everything is barebone and at the edge, most setup are mine and I can figure out things faster when I am the one doing the setup. I choose Artix over the vanila Arch Linux because does there is no systemd."
]
, p []
[ text "You might not see me active on Github, because I have my own Git server storing my projects (personal and job). I also run my own VPN server through Wireguard. I just like doing many things by myself."
]
]
quicklinks link title =
let
linkexternal src = Link.link (Link.external src) [target "_blank"] [text title]
linkinternal src = case src of
"blog" -> Link.link (Link.internal (Route.Blog__Slug_ { slug = "" })) [] [ text title ]
"osx" -> Link.link (Link.internal (Route.Osx__Slug_ { slug = "" })) [] [ text title ]
"book" -> Link.link (Link.internal Route.Book) [] [ text title ]
_ -> Link.link (Link.external "") [] [text title]
linkexternal src =
Link.link (Link.external src) [ target "_blank" ] [ text title ]
linkinternal src =
case src of
"blog" ->
Link.link (Link.internal (Route.Blog__Slug_ { slug = "" })) [] [ text title ]
"osx" ->
Link.link (Link.internal (Route.Osx__Slug_ { slug = "" })) [] [ text title ]
"book" ->
Link.link (Link.internal Route.Book) [] [ text title ]
_ ->
Link.link (Link.external "") [] [ text title ]
in
case link of
"github" -> linkexternal "https://github.com/nganhkhoa"
"git" -> linkexternal "https://git.nganhkhoa.com"
"efiens" -> linkexternal "https://blog.efiens.com/author/luibo"
"bshield" -> linkexternal "https://bshield.io"
"verichains" -> linkexternal "https://verichains.io"
"bkisc" -> linkexternal "https://bkisc.com/"
"elm" -> linkexternal "https://elm-pages.com"
-- tsshock
"gg" -> linkexternal "https://eprint.iacr.org/2019/114"
"tsshockblackhat" -> linkexternal "https://www.blackhat.com/us-23/briefings/schedule/#tsshock-breaking-mpc-wallets-and-digital-custodians-for-billion-profit-33343"
"tsshockhitb" -> linkexternal "https://conference.hitb.org/hitbsecconf2023hkt/session/tsshock-breaking-mpc-wallets-and-digital-custodians/"
"tsshockwebsite" -> linkexternal "https://verichains.io/tsshock"
"tsshockwhitepaper" -> linkexternal "https://www.verichains.io/tsshock/verichains-tsshock-wp-v1.0.pdf"
"tsshockvideohitb" -> linkexternal "https://youtu.be/1ks2jcS7UE4"
"tsshockvideoblackhat" -> linkexternal "https://youtu.be/5mlQb8PEF3A"
-- ollvm
"ollvm" -> linkexternal "https://doi.org/10.1109/SPRO.2015.10"
"mba" -> linkexternal "https://doi.org/10.1007/978-3-540-77535-5_5"
"tetctf2022" -> linkexternal "https://twitter.com/hgarrereyn/status/1477919411977830402"
-- memory forensics
"poolscan" -> linkexternal "https://doi.org/10.1016/j.diin.2016.01.005"
-- site resources
"cv" -> linkexternal "/cv.pdf"
"blog" -> linkinternal "blog"
"osx" -> linkinternal "osx"
"book" -> linkinternal "book"
-- pdfs
"memorypoolscan" -> linkexternal "https://drive.google.com/file/d/1Z_cKtBsi_gm8ugsrnAEPo-Wmx9GAuaSK/view?usp=sharing"
"memoryinjection" -> linkexternal "https://drive.google.com/file/d/1X18tr4OvcNYRoyxzTcsxM_MgjcqVW1sk/view?usp=sharing"
"powershellsandbox" -> linkexternal "https://drive.google.com/file/d/1Fm1YVAxD-A-zjVvRwBPa-IhZ1Y8ImEyv/view?usp=sharing"
"macho" -> linkexternal "/papers/macho-obfuscation.pdf"
"macho-git" -> linkexternal "https://git.nganhkhoa.com/dot/macho"
"live-memory-forensics" -> linkexternal "/papers/live-memory-forensics.pdf"
_ -> linkexternal link
"github" ->
linkexternal "https://github.com/nganhkhoa"
"git" ->
linkexternal "https://git.nganhkhoa.com"
"efiens" ->
linkexternal "https://blog.efiens.com/author/luibo"
"bshield" ->
linkexternal "https://bshield.io"
"verichains" ->
linkexternal "https://verichains.io"
"bkisc" ->
linkexternal "https://bkisc.com/"
"elm" ->
linkexternal "https://elm-pages.com"
-- tsshock
"gg" ->
linkexternal "https://eprint.iacr.org/2019/114"
"tsshockblackhat" ->
linkexternal "https://www.blackhat.com/us-23/briefings/schedule/#tsshock-breaking-mpc-wallets-and-digital-custodians-for-billion-profit-33343"
"tsshockhitb" ->
linkexternal "https://conference.hitb.org/hitbsecconf2023hkt/session/tsshock-breaking-mpc-wallets-and-digital-custodians/"
"tsshockwebsite" ->
linkexternal "https://verichains.io/tsshock"
"tsshockwhitepaper" ->
linkexternal "https://www.verichains.io/tsshock/verichains-tsshock-wp-v1.0.pdf"
"tsshockvideohitb" ->
linkexternal "https://youtu.be/1ks2jcS7UE4"
"tsshockvideoblackhat" ->
linkexternal "https://youtu.be/5mlQb8PEF3A"
-- ollvm
"ollvm" ->
linkexternal "https://doi.org/10.1109/SPRO.2015.10"
"mba" ->
linkexternal "https://doi.org/10.1007/978-3-540-77535-5_5"
"tetctf2022" ->
linkexternal "https://twitter.com/hgarrereyn/status/1477919411977830402"
-- memory forensics
"poolscan" ->
linkexternal "https://doi.org/10.1016/j.diin.2016.01.005"
-- site resources
"cv" ->
linkexternal "/cv.pdf"
"blog" ->
linkinternal "blog"
"osx" ->
linkinternal "osx"
"book" ->
linkinternal "book"
-- pdfs
"memorypoolscan" ->
linkexternal "https://drive.google.com/file/d/1Z_cKtBsi_gm8ugsrnAEPo-Wmx9GAuaSK/view?usp=sharing"
"memoryinjection" ->
linkexternal "https://drive.google.com/file/d/1X18tr4OvcNYRoyxzTcsxM_MgjcqVW1sk/view?usp=sharing"
"powershellsandbox" ->
linkexternal "https://drive.google.com/file/d/1Fm1YVAxD-A-zjVvRwBPa-IhZ1Y8ImEyv/view?usp=sharing"
"macho" ->
linkexternal "/papers/macho-obfuscation.pdf"
"macho-git" ->
linkexternal "https://git.nganhkhoa.com/dot/macho"
"live-memory-forensics" ->
linkexternal "/papers/live-memory-forensics.pdf"
_ ->
linkexternal link

42
app/Route/Osx.elm
View File

@ -10,20 +10,18 @@ import Html.Styled exposing (..)
import Html.Styled.Attributes as Attributes
import Json.Decode as Decode exposing (Decoder)
import Json.Decode.Extra
import Link
import Markdown.Block
import Markdown.Renderer
import MarkdownCodec
import Pages.Url
import PagesMsg exposing (PagesMsg)
import Route exposing (Route)
import RouteBuilder exposing (App, StatelessRoute)
import Shared
import View exposing (View)
import Link
import Markdown.Block
import Markdown.Renderer
import MarkdownCodec
import TailwindMarkdownRenderer
import Tailwind.Utilities as Tw
import TailwindMarkdownRenderer
import View exposing (View)
type alias Model =
@ -33,9 +31,11 @@ type alias Model =
type alias Msg =
()
type alias RouteParams =
{}
route : StatelessRoute RouteParams Data ActionData
route =
RouteBuilder.single
@ -46,7 +46,8 @@ route =
type alias Data =
List (Route, Article.ArticleMetadata)
List ( Route, Article.ArticleMetadata )
type alias ActionData =
{}
@ -55,7 +56,8 @@ type alias ActionData =
data : BackendTask FatalError Data
data =
Article.osxAllMetadata
|> BackendTask.allowFatal
|> BackendTask.allowFatal
head :
App Data ActionData RouteParams
@ -88,26 +90,28 @@ view app shared =
[ p []
[ text "For years, I learned how the Apple binary format works. There are blog posts that I wrote when I first started learning about them. If you want to read them, here they are below, ported from the efiens blog."
, ul []
(List.map (\item -> li [] [item]) oldBlogs)
(List.map (\item -> li [] [ item ]) oldBlogs)
, br [] []
, text "Through understanding the loading process of Mach-O, I devised a technique for obfuscation and hooking. In the following whitepaper, I writeup all steps in this obfuscation scheme."
, br [] []
, Link.link (Link.external whitepaper)
[Attributes.target "_blank"]
[text "whitepaper"]
[ Attributes.target "_blank" ]
[ text "whitepaper" ]
]
]
]
}
oldBlogs : List (Html msg)
oldBlogs =
[ (Link.link (Link.internal (Route.Osx__Slug_ { slug = "macho" })) [] [text "Macho"] )
, (Link.link (Link.internal (Route.Osx__Slug_ { slug = "linker" })) [] [text "Linker"] )
, (Link.link (Link.internal (Route.Osx__Slug_ { slug = "fairplay" })) [] [text "Fairplay"] )
, (Link.link (Link.internal (Route.Osx__Slug_ { slug = "injection" })) [] [text "Injection"] )
[ Link.link (Link.internal (Route.Osx__Slug_ { slug = "macho" })) [] [ text "Macho" ]
, Link.link (Link.internal (Route.Osx__Slug_ { slug = "linker" })) [] [ text "Linker" ]
, Link.link (Link.internal (Route.Osx__Slug_ { slug = "fairplay" })) [] [ text "Fairplay" ]
, Link.link (Link.internal (Route.Osx__Slug_ { slug = "injection" })) [] [ text "Injection" ]
]
whitepaper : String
whitepaper = "/papers/macho-obfuscation.pdf"
whitepaper : String
whitepaper =
"/papers/macho-obfuscation.pdf"

27
app/Route/Osx/Slug_.elm
View File

@ -7,23 +7,21 @@ import FatalError exposing (FatalError)
import Head
import Head.Seo as Seo
import Html.Styled exposing (..)
import Html.Styled.Attributes exposing (style, class)
import Link exposing (Link)
import Html.Styled.Attributes exposing (class, style)
import Json.Decode as Decode exposing (Decoder)
import Json.Decode.Extra
import Pages.Url
import PagesMsg exposing (PagesMsg)
import RouteBuilder exposing (App, StatelessRoute)
import Route
import Shared
import View exposing (View)
import Link exposing (Link)
import Markdown.Block
import Markdown.Renderer
import MarkdownCodec
import TailwindMarkdownRenderer
import Pages.Url
import PagesMsg exposing (PagesMsg)
import Route
import RouteBuilder exposing (App, StatelessRoute)
import Shared
import Tailwind.Utilities as Tw
import TailwindMarkdownRenderer
import View exposing (View)
type alias Model =
@ -64,6 +62,7 @@ type alias Data =
, body : List Markdown.Block.Block
}
type alias ActionData =
{}
@ -81,6 +80,7 @@ type alias ArticleMetadata =
, subtitle : String
, description : String
, published : Date
-- , image : Pages.Url.Url
, draft : Bool
}
@ -111,6 +111,7 @@ frontmatterDecoder =
|> Decode.map (Maybe.withDefault False)
)
head :
App Data ActionData RouteParams
-> List Head.Tag
@ -136,7 +137,9 @@ view :
-> Shared.Model
-> View (PagesMsg Msg)
view app shared =
let rendered = (app.data.body |> Markdown.Renderer.render TailwindMarkdownRenderer.renderer) |> Result.withDefault []
let
rendered =
(app.data.body |> Markdown.Renderer.render TailwindMarkdownRenderer.renderer) |> Result.withDefault []
in
{ title = app.data.metadata.title
, body =

25
app/Shared.elm
View File

@ -3,18 +3,18 @@ module Shared exposing (Data, Model, Msg(..), SharedMsg(..), template)
import BackendTask exposing (BackendTask)
import Effect exposing (Effect)
import FatalError exposing (FatalError)
import Header exposing (header)
import Html exposing (Html)
import Html.Styled
import Html.Styled.Events
import Link exposing (Link)
import Pages.Flags
import Pages.PageUrl exposing (PageUrl)
import UrlPath exposing (UrlPath)
import Route exposing (Route)
import SharedTemplate exposing (SharedTemplate)
import UrlPath exposing (UrlPath)
import View exposing (View)
import Header exposing (header)
import Link exposing (Link)
template : SharedTemplate Msg Model Data msg
template =
@ -96,20 +96,23 @@ view :
-> { body : List (Html msg), title : String }
view tableOfContents page model toMsg pageView =
{ body =
[
header
[ header
|> Html.Styled.toUnstyled
-- ((View.Header.view ToggleMobileMenu 123 page.path
-- |> Html.Styled.map toMsg
-- ((View.Header.view ToggleMobileMenu 123 page.path
-- |> Html.Styled.map toMsg
-- )
-- :: TableOfContents.view model.showMobileMenu False Nothing tableOfContents
, pageView.body
-- )
-- :: TableOfContents.view model.showMobileMenu False Nothing tableOfContents
, pageView.body
-- )
|> Html.Styled.div []
|> Html.Styled.toUnstyled
]
, title = pageView.title
}
-- view sharedData page model toMsg pageView =
-- { body =
-- [ Html.Styled.nav []
@ -118,7 +121,6 @@ view tableOfContents page model toMsg pageView =
-- [ Html.Styled.text
-- (if model.showMenu then
-- "Close Menu"
-- else
-- "Open Menu"
-- )
@ -128,7 +130,6 @@ view tableOfContents page model toMsg pageView =
-- [ Html.Styled.li [] [ Html.Styled.text "Menu item 1" ]
-- , Html.Styled.li [] [ Html.Styled.text "Menu item 2" ]
-- ]
-- else
-- Html.Styled.text ""
-- ]

1
app/Site.elm
View File

@ -16,6 +16,7 @@ config =
head : BackendTask FatalError (List Head.Tag)
head =
[ Head.metaName "viewport" (Head.raw "width=device-width,initial-scale=1")
-- , Head.nonLoadingNode "link"
-- [ ( "rel", Head.raw "stylesheet" )
-- , ( "crossorigin", Head.raw "anonymous" )

73
src/Article.elm
View File

@ -1,14 +1,18 @@
module Article exposing (..)
-- import Cloudinary
import BackendTask
import BackendTask.File as File
import BackendTask.Glob as Glob
-- import Cloudinary
import Date exposing (Date)
import FatalError exposing (FatalError)
import Json.Decode as Decode exposing (Decoder)
import Pages.Url exposing (Url)
import Route
-- import UnsplashImage
@ -27,55 +31,71 @@ contentPostsGlob folder =
|> Glob.match (Glob.literal ".md")
|> Glob.toBackendTask
blogPostsGlob = contentPostsGlob "blog/"
osxPostsGlob = contentPostsGlob "osx/"
blogPostsGlob =
contentPostsGlob "blog/"
osxPostsGlob =
contentPostsGlob "osx/"
allMetadata :
(String -> Route.Route)
-> BackendTask.BackendTask
{ fatal : FatalError, recoverable : File.FileReadError Decode.Error }
(List BlogPost)
-> BackendTask.BackendTask
-- error
{ fatal : FatalError, recoverable : File.FileReadError Decode.Error }
(List (Route.Route, ArticleMetadata))
->
BackendTask.BackendTask
{ fatal : FatalError, recoverable : File.FileReadError Decode.Error }
(List BlogPost)
->
BackendTask.BackendTask
-- error
{ fatal : FatalError, recoverable : File.FileReadError Decode.Error }
(List ( Route.Route, ArticleMetadata ))
allMetadata routeBuilder posts =
posts
posts
|> BackendTask.map
(\paths ->
paths
|> List.map
(\{ filePath, slug } ->
BackendTask.map2 Tuple.pair
(BackendTask.succeed <| (routeBuilder slug))
(File.onlyFrontmatter frontmatterDecoder filePath)
)
|> List.map
(\{ filePath, slug } ->
BackendTask.map2 Tuple.pair
(BackendTask.succeed <| routeBuilder slug)
(File.onlyFrontmatter frontmatterDecoder filePath)
)
)
|> BackendTask.resolve
|> BackendTask.map
(\articles ->
articles
|> List.filterMap
(\( route, metadata ) ->
if metadata.draft then
Nothing
else
Just ( route, metadata )
)
|> List.filterMap
(\( route, metadata ) ->
if metadata.draft then
Nothing
else
Just ( route, metadata )
)
)
|> BackendTask.map
(List.sortBy
(\( route, metadata ) -> -(Date.toRataDie metadata.published))
)
blogAllMetadata = allMetadata (\s -> Route.Blog__Slug_ { slug = s }) blogPostsGlob
osxAllMetadata = allMetadata (\s -> Route.Osx__Slug_ { slug = s }) osxPostsGlob
blogAllMetadata =
allMetadata (\s -> Route.Blog__Slug_ { slug = s }) blogPostsGlob
osxAllMetadata =
allMetadata (\s -> Route.Osx__Slug_ { slug = s }) osxPostsGlob
type alias ArticleMetadata =
{ title : String
, subtitle : String
, summary : String
, published : Date
-- , image : Url
, draft : Bool
}
@ -111,6 +131,7 @@ frontmatterDecoder =
)
-- imageDecoder : Decoder Url
-- imageDecoder =
-- Decode.string