- about me:
I'm 32 years old, I live in Malta and I'm atheist.
I like free information and I try my best to release everything (interesting or not) I make or find each day because probably somewhere in the world there is at least one person who is searching for just what I have made.
As everyone can understand while watching the information in this personal website, I like computers and software's bugs but only because they are the only thing I'm able to do better at the moment.
Then I have a special passion for algorithms but this is not a secret, in fact this passion is born from the need of finding the truth and moreover sharing it, that's why I hate the security through obscurity techniques often (ab)used in software, moreover in games (proprietary protocols, formats and algorithms).
I like the logic and the simplicity that moves everything, even the most complex thing can be easily explained. Usually we see only the final result while we ignore all the simple steps and levels that compose it. That's reassuring.
The last thing that I think is very important is "to create"... it's not important what is your field of interest but is important to create, be creative and share your creations (freely when possible, would be cool).
That's all for the moment, I don't want to be too boring :)
I like to receive e-mails and talking about new possible research projects and ideas so feel free to contact me via e-mail.
If I don't answer your e-mail within a couple of days probably it has not arrived or I have mistaken it for spam or it has been blocked by your mail server or it is really impossible for me to reach the mailbox, so retry.
From October 2012 I'm the Co-Founder of the company ReVuln.
- My policy: optimization of responsible disclosure 0.1
Since 2008 this policy is no longer valid: contacting or not the vendor/developers is now at my discretion (for various reasons).
The old policy I have adopted for the previous 6 years is still available here.
- about my research:
I would say that for me the research is a passion but in reality it's more like an obsession.
My research ranges from finding security bugs to reverse engineering (often the same thing), and probably the only reason why I do all these things is simply because I'm able to do them and moreover to share my philosophy.
In fact I do everything open (open source and full disclosure) and for free at 360 degrees.
When I release an advisory the only thing I want to show is my research, not an "advertisement" or something to raise "hype" or taking "press attention".
I do it not only for philosophical reasons but also for a practical implication: I'm free to do my research without limits and without secrets and moreover when and how I desire. This is the real meaning of the words "free" and "freedom" applied to computers.
If developers appreciate my work they can credit my name in the changelogs of the patches or in the news of their websites.
Then another thing about security bugs, they are for me only a research in fact I do NOT use the bugs I find simply because there is no reason to do it. I admit that it's against nature but exploiting critical bugs doesn't give me emotions, I like only to find them and releasing the information as soon as possible.
And remember that I find bugs, I don't create them, the developers are the only people who create bugs (obviously not on purpose) so they are always the only ones responsible. Sometimes I'm able to create patches or work-arounds for software no longer supported but other times that's not possible or is out of my interest.
Keep that in mind.
Last note: I don't "wear a hat" (black, gray, white, etc) but I simply do my research on my computer and I'm happy that people use and learn from it.
As with everything in the world it is not possible to control the usage of what we create (like the producers of knives just to make an example comprehensible by anyone) so for me it is only important that my research has been useful or interesting.
- about licenses:
My stuff uses the GPL where this is reported in the header of the source code (usually all my Research, Mytoolz, Password Recovery and Testing Toolz sections contain GPLed code) while the rest of software can be considered public code (for example my Proof-of-concept and Fake Players).
If you have doubts about what GPL means you need only to know that the first rule is that any program which uses GPL code must be released under GPL.
So, for example, you cannot use my code in your closed source program, you can use my code only if yours is GPL too (or in any case fully open source).
For additional information and examples see the GPL FAQ and (for developers) take a look at this specific question.
- about jobs or how to help me:
- I could be interested in collaborations and particular projects, so send me an e-mail with the idea/proposal and I will evaluate and discuss it.
- This website is a perfect example of what I do and how I do it so everything related to such stuff is ok.
To private users and donors:
- I do NOT need or want money so I don't accept donations and I don't accept paid jobs, I never did it and I will never do it (hopefully).
- The only way to help me is reporting the small and big errors I make in my documents and my code and proposing new research projects, updates and moreover suggestions... just send me an e-mail and I will reply as soon as possible.
- If you like my stuff and you find it useful then spread the word with your friends and moreover credit me and link my website.
- about my motto:
The things I do are NOT complex, I'm not smart or special so anyone can do the same things without having great skills.
In reality a secret exists: if you create a "necessity" you are more motivated to do that special thing. I use this trick in all my research for forcing myself to learn a specific protocol and doing all the rest and it works well enough.
- about how to use my tools:
All my tools (except rare cases) work from the console (aka command-line tools).
In Windows the console is also known as Windows console, command prompt, command-line or prompt of Ms-Dos (look for cmd.exe or command.com).
Here is located a quick video about launching a couple of my tools.
So if you use this operating system and when you double-click on one of my executables it shows a window and then closes immediately it's all normal, launch it from the console and pass the required arguments.
All my tools show a quick help at runtime specifying the required <> and optional [] arguments.
A quick and ugly step-by-step for dummies is the following:
- copy the executable you want to use in c:
- go in Start->Run and type: cmd (or command if you use Windows 9x/Me)
- in the black window type: cd \
- now type the name of the executable so you will see all the available options
- when you have decided the arguments to use type them after the executable name
- for example if you use the tool gsinfo you need to specify the host and the port like: gsinfo 127.0.0.1 1234
- other examples:
  - wtcced d "c:\documents and settings\myname\desktop\my input file.gmt" "my output file.gmt"
  - ventrilofp -n "this is my nick" -p mypassword server.example.com:1234
  - gslist -n bfield1942 -f "(numplayers > 10)"
  - calcc "(((1+2)*(1^4))*10)/(9-1)"
  - echo aGVsbG8K | bde64 d - -
  - sleepy 2s argz.exe "\"this is arg1\"" arg2 arg3
So you need to use " for specifying spaces in filenames because the console considers each space a new argument, and if you need to specify just a " it's enough to place a backslash before it as in the above examples.
Then if you want to stop the program at any moment keep the keys CONTROL and C pressed at the same time.
Anyway the Internet is full of tutorials for using the console and my tools are for people that use the command-line every day, so use a search engine for any doubt.
Another alternative is trying the following experimental tool which lets you use almost all my tools with a graphical and easy-to-use interface: THEGUI
Note that Windows 7 has a stupid feature that marks any executable with the words "patch" or "setup" in its name as a program that needs Administrator privileges, so if it happens with some of my tools (like lpatch or lfsdumpsetups) it's enough that you rename them removing those words.
- about password recovery and drag'n'drop:
Almost all my password recovery tools which decode the passwords stored in a file allow the usage of drag'n'drop.
When you launch the tool it shows some information and the name or the extension of the file you need to use which is usually located in the folder of the program from which you want to recover the password or in the %APPDATA% folder.
When you have located the file you need only to keep the mouse button pressed on it and move it over the executable of my password recovery tool.
It will automatically show the stored password or passwords.
Anyway remember that my tools are always made to work from command-line (read the above section) so this drag'n'drop feature is "only" something more comfortable.
- about CTRL-F:
The chaos rules on my website so the best way to find what you need is through the Find function (CTRL-F) of your browser.
Luckily now there is also a great SEARCH function integrated in the left menu of the website so finding specific stuff is really a joke.
- about compiling my source code:
I always and only use Gcc and its Win32 port Mingw to compile my C stuff.
If you use other compilers you could receive some small errors, some of them can be solved replacing the sleep() calls with Sleep(), or passing -DWIN32 to the compiler, or specifying the needed library to link (like ..\lib\ws2_32.lib) and so on.
The following are some basic and quick examples of how to compile my code (moreover network code) on Windows through some freeware or open source compilers:
- gcc -o file.exe file.c -lws2_32
- cl file.c -DWIN32 c:\vc\lib\ws2_32.lib
- bcc32 -Iinclude -Llib -DWIN32 file.c
- bin\dmc -Ju file.c lib\wsock32.lib file.c
- wcl386 -i=..\h;..\h\nt -dWIN32 -l..\lib386;..\lib386\nt file.c
- pocc /J /DWIN32 /Ze /I..\include /I..\include\win file.c
  polink /LIBPATH:..\lib /LIBPATH:..\lib\win ws2_32.lib file.obj
If your compiler doesn't find stristr() try to use stristr.c
Most of my programs use stdint.h, check that link if you use MSVC or go directly to the msinttypes project
Anyway contact me if you have suggestions to create a more portable code!
- about multiplatform code:
Almost all my code is written with compatibility and multi platform support in mind, so except some cases (Windows specific stuff) all my code can be compiled on linux, bsd, mac and other systems supporting the gcc compiler.
Depending on the project my code may be even endian compatible, which means that code can parse/handle specific binary protocols or formats on both intel/little endian and network/big endian architectures (like PowerPC).
The "main" compilation command is always: gcc -o file file.c
if in the package there are other .c files you must add them too or just use: gcc -o file *.c
if you receive an error about inflate, deflate, compress or uncompress add -lz
if you receive an error about pthread add -lpthread
if you receive an error about aes, des, ssl or similar add -lssl -lcrypto
if you receive an error about dlsym add -ldl
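An added example (not code taken from this website's packages) of the two portability points above: the sleep()/Sleep() difference selected through the WIN32 define, and binary fields read byte by byte so the parsed values are the same on little and big endian machines. The packet layout, the names hdr_t, parse_hdr and sleep_sec, and the sample bytes are constructed for illustration.

```c
#include <stdio.h>
#include <stdint.h>
#include <stddef.h>

#ifdef WIN32                        /* set by -DWIN32 on the command line */
    #include <windows.h>
    #define sleep_sec(s) Sleep((s) * 1000)   /* Sleep() takes milliseconds */
#else
    #include <unistd.h>
    #define sleep_sec(s) sleep(s)            /* sleep() takes seconds */
#endif

/* Build integers byte by byte: the buffer is never cast to uint32_t*, so the
   value is identical on little and big endian hosts and alignment is safe. */
static uint16_t get16_be(const uint8_t *p) {
    return (uint16_t)((p[0] << 8) | p[1]);
}
static uint32_t get32_be(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}
static uint32_t get32_le(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

typedef struct { uint32_t magic; uint16_t port; uint32_t length; } hdr_t;
/* Constructed layout: magic (4, big endian) | port (2, big endian) |
   payload length (4, little endian) | payload. Returns 0 or -1. */
int parse_hdr(const uint8_t *buf, size_t len, hdr_t *out) {
    if (len < 10) return -1;                    /* header incomplete */
    out->magic  = get32_be(buf);
    out->port   = get16_be(buf + 4);
    out->length = get32_le(buf + 6);
    if (out->length > len - 10) return -1;      /* length field exceeds data */
    return 0;
}

/* Constructed sample packet: "TEST", port 1234, 3 bytes of payload */
static const uint8_t sample_pkt[] = {
    'T','E','S','T', 0x04,0xd2, 0x03,0x00,0x00,0x00, 'a','b','c' };

int main(void) {
    hdr_t h;
    if (parse_hdr(sample_pkt, sizeof(sample_pkt), &h) < 0) return 1;
    printf("magic %08x port %u length %u\n", (unsigned)h.magic, (unsigned)h.port, (unsigned)h.length);
    sleep_sec(0);
    return 0;
}
```

It compiles with gcc -o file file.c on Linux and with gcc -o file.exe file.c -DWIN32 under Mingw.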
- about my forum:
At the beginning of 2008 I opened a forum on which I give support for all my stuff and I get new ideas/projects/feedback/tools/patches and so on.
I closed the forum in 2011 because the community was growing and it started to take much time and effort, now it acts as an archive.
- about antivirus:
Unfortunately the AV companies need to make their databases bigger and they don't care what they index or if it's open source software so some of my stuff could be tagged as hacktool, exploit or just aluigi (wow an entire category all for me! ih ih ih).
Some AV like Kaspersky even deny access to everything containing the word "adv" in the URL, read about it here.
There is also a thread on my forum about some ridiculous things made by various AV.
Anyway I remind everyone that ALL my stuff on my website (main and mirrors listed in the left menu) is open source and so anyone can analyze and recompile it, additionally each zip package is periodically hash checked by me and in some rare cases recompiled from scratch too.
- about real "free" stuff:
This website and its content are completely free in any meaning you give to this word:
- free source code: it's all open source and anyone can compile, watch and modify it
- free information: everything is proved and explained in detail and always with a practical example
- free as gratis: everything is here for being shared
- advertising free: as already said I don't need to gain money from my passion and I HATE advertisements of any form
- images free: except the 3 images below there are no other images loaded in the webpages
- server-side scripts free: everything is in pure old-style static hand-written HTML, the only PHP scripts are the Search and the RSS
- something else that I don't remember at the moment... but it's free too :)
- about this website:
This website is nothing more than an archive containing everything I do everyday and moreover a personal website.
All the stuff on this space has been created by me and everything is completely "free" (as freedom) and open source.
Then remember that I always consider all my stuff experimental, that's the reason of the 0.X versions.
Additionally there are old documents and code that I wrote years ago and may be obsolete or not well written.
This website is or has been hosted completely for free by:
- Nick Kusters: 2012 - 2013
- Sami Khayat of the old Eliott-Ness: 2009 - 2011
- Altervista: 2003 - present
Note that some file downloaders may not work with this website.
- My "lab"
A photo of my previous "room/lab" (11 Dec 2011).