Hi, I’m Khaled
I have a background in computer science and cybersecurity with a wide interest in a number of their subfields. Usually, I’m up to discuss programming, software architecture, embedded systems, cryptography and everything else in between!
In my free time, I take up random research and/or fun projects in these topics and participate in hacking Capture The Flag (CTF) tournaments with Spotless. You can check out some of my posts about these projects (and whatever else, really) here or on rootfs.eu.
- Identifying and exploiting a memory corruption bug in Tuya smart devices based on the BK7231 SoC.
- CVE-2021-28657: Infinite loop in Apache Tika MP3Parser
An infinite loop can be triggered in Apache Tika’s MP3Parser through a carefully crafted or corrupt MP3 file. Affects Apache Tika up to and including 1.25.
- Samsung TV bug bounty - MagicINFO Server Takeover
An unauthenticated remote attacker can take over a Samsung MagicINFO Server installation as a “Server Administrator”.