🚀 Deep Dive into Assembly: Efficient Single-Pass IP-to-String Conversion

Network Programming in Assembly: A Single-Pass Algorithm for Printing IP Addresses

When doing low-level network programming in Assembly, you experience firsthand the immense chaos running behind the scenes of operations we solve with a single line in high-level languages (Python, C, etc.). While developing the Nested-ICMP-Communication Analysis project, specifically an Encapsulated ICMP framework, I hit exactly this kind of wall: extracting an IP address from a packet header and printing it to the screen in the correct format.

Sounds simple, right? However, when x86 architecture and network protocols are involved, seeing 5.1.168.192 instead of 192.168.1.5 on your terminal is extremely common.

So why does this happen, and what kind of algorithm did I develop to overcome this issue during the debugging process? Let's dive into the background.

🚀 Raw ICMP Sniffing with x64 Assembly

 

🚀 Building a Low-Level ICMP Sniffer in x64 Assembly (Raw Sockets)

Introduction

In the realm of network security and packet analysis, tools like Python (Scapy) or C are the usual go-tos. However, when we want to strip away all abstraction layers from the OS network stack and talk directly to the processor, resources become incredibly scarce. Finding modern, zero-dependency networking tools written in x64 Assembly on the internet is almost impossible today.

In this post, we will explore the architecture and design decisions behind my x64 Assembly-based ICMP Sniffer project, completely rejecting standard C libraries (libc) and relying purely on direct Linux system calls (syscalls).

🚀 Udisks2 CVE-2025-6019

🚀 New Vulnerability Analysis: Access Control Vulnerability Analysis in Udisks2

In the world of Linux system security, Race Conditions have always been one of the most dangerous and fascinating vulnerability classes to exploit. Today, I want to discuss my latest Proof of Concept (PoC) published on GitHub: CVE-2025-6019 - udisks2 XFS Resize TOCTOU Privilege Escalation.

In this project, I demonstrate how a "Time-of-Check to Time-of-Use" (TOCTOU) vulnerability during the resizing of XFS filesystems by the udisks2 service can be implemented as a PoC to achieve Local Privilege Escalation (LPE).

    

🚀 Nested-ICMP-Communication Analysis: Vulnerability Research on ICMP Encapsulation

Research Objectives

"This project is designed to help Red Team operators and Blue Team defenders understand non-traditional protocol encapsulation. The goal is to improve network anomaly detection systems by identifying edge-case vulnerabilities in packet parsing logic."

Introduction

In the evolving landscape of network security, focus often remains on TCP and UDP protocols. However, the Internet Control Message Protocol (ICMP), frequently associated with basic diagnostic tests, offers a sophisticated architecture for advanced network protocol research.

In this post, I will introduce my latest project: Nested-ICMP-Communication Analysis. We will perform a technical deep dive into how data can be "nested" within ICMP structures to evaluate modern security boundaries.