Deep Dive into Assembly: Efficient Single-Pass IP-to-String Conversion

Network Programming in Assembly: A Single-Pass Algorithm for Printing IP Addresses

When doing low-level network programming in Assembly, you experience firsthand the immense chaos running behind the scenes of operations we solve with a single line in high-level languages (Python, C, etc.). While developing the Nested-ICMP-Exploitation project, specifically an ICMP tunneling engine, I hit exactly this kind of wall: extracting an IP address from a packet header and printing it to the screen in the correct format.

Sounds simple, right? However, when x86 architecture and network protocols are involved, seeing 5.1.168.192 instead of 192.168.1.5 on your terminal is extremely common.

So why does this happen, and what kind of algorithm did I develop to overcome this issue during the debugging process? Let's dive into the background.

Raw ICMP Sniffing with x64 Assembly

 

🚀 Building a Low-Level ICMP Sniffer in x64 Assembly (Raw Sockets)

Introduction

In the realm of network security and packet analysis, tools like Python (Scapy) or C are the usual go-tos. However, when we want to strip away all abstraction layers from the OS network stack and talk directly to the processor, resources become incredibly scarce. Finding modern, zero-dependency networking tools written in x64 Assembly on the internet is almost impossible today.

In this post, we will explore the architecture and design decisions behind my x64 Assembly-based ICMP Sniffer project, completely rejecting standard C libraries (libc) and relying purely on direct Linux system calls (syscalls).

Udisks2 CVE-2025-6019

🚀 New Vulnerability Analysis: udisks2 XFS Resize TOCTOU Privilege Escalation (CVE-2025-6019)

In the world of Linux system security, Race Conditions have always been one of the most dangerous and fascinating vulnerability classes to exploit. Today, I want to discuss my latest Proof of Concept (PoC) published on GitHub: CVE-2025-6019 - udisks2 XFS Resize TOCTOU Privilege Escalation.

In this project, I demonstrate how a "Time-of-Check to Time-of-Use" (TOCTOU) vulnerability during the resizing of XFS filesystems by the udisks2 service can be weaponized to achieve Local Privilege Escalation (LPE).

Nested ICMP

    

🚀 Nested-ICMP-Exploitation: How to Bypass Network Restrictions

Introduction

In the world of networking and cybersecurity, we often focus on TCP and UDP protocols. However, the Internet Control Message Protocol (ICMP), often overlooked and used only for simple ping tests, holds significant potential for advanced network manipulation.

In this post, I will introduce my latest project: Nested-ICMP-Exploitation. We will dive deep into how data can be "nested" within ICMP packets to create covert communication channels.