## Monday, November 24, 2014

### Buffer Overflow Exploit : picoCTF 2014 Best_Shell Writeup

This shell is super useful! See if you can get the flag! The binary can be found at /home/best_shell/ on the shell server. The source can be downloaded here."  -- problem definition

This was perhaps one of the most straightforward problems to solve this year, yet was worth 160 points! We're given a relatively short problem statement and some code to analyze. Here it is:

## Saturday, November 22, 2014

### XSS Attack : Exploring picoCTF 2014 secure_page_service

"The bad guys have hidden their access codes on an anonymous secure page service. Our intelligence tells us that the codes was posted on a page with id 43440b22864b30a0098f034eaf940730ca211a55, but unfortunately it's protected by a password, and only site moderators can view the post without the password. Can you help us recover the codes?"  - problem definition

This year, picoCTF had a problem worth 100 points, titled "secure_page_service" which seemed to be a primitive "facebook" style service where you can share posts, view other posts, and even flag other posts for moderation (Which is quite important!).

## Monday, November 17, 2014

### picoCTF 2014 SQL Injection 1 Writeup

In this series pf writeups we'll be dissecting SQL injections to solve picoCTF challenges. There will be a total of 4 articles in this series, with each one going a bit more in depth and using different SQL injection techniques to exploit vulnerabilities present on the problem webpages.

## Sunday, November 16, 2014

### Anatomy of an ROP Attack: Case Study

In this article, we will learn the fundamentals of Return Oriented Programming (ROP) while dissecting a picoCTF problem regarding ROP. This will serve primarily as a primer/introduction to ROP, while the next article (ROP4 Writeup) will be a continued application of ROP to yet another problem. So let's begin by examining what is ROP, and why are we even using it?

## Saturday, August 16, 2014

### Surviving a Kidnapping : Particle Filter Style

In this article we will see how particle filters when used in Mobile Robot Localization, such as in Sequential Monte Carlo,  can be implemented to be versatile enough to handle a robot kidnapping -- that is , a robot being randomly removed from its track. This has several applications in real robotics as well as in competitive robotics, such as robot soccer where the robot soccer players are frequently picked up and moved around by humans. In a real robotic application, this can be applied to robots such as underwater autonomous vehicles that can be swept away by a strong ocean current or an animal. These random motions can throw off the strong particles in a filter and ultimately lead to localization failure, because no particles in the distribution agrees with the sensor measurements and motions of the actual robot.

## Saturday, July 26, 2014

### Extended Kalman Filter Example With Code

In this article we will look into using an Extended Kalman Filter (EKF) for estimating the state of a (simulated) moving vehicle. This article is inspired by the Udacity CS373 : Programming a Robotic Car course. We can use a Kalman Filter to estimate the next pose of the car that uses the following kinematics model:

$$\begin{vmatrix} \mathbf{\theta_{t}} \\ \mathbf{x_{t}} \\ \mathbf{y_{t}} \end{vmatrix} = \begin{vmatrix}\mathbf{(\theta_{t-1} + \alpha_{t} )mod 2\pi} \\ \mathbf{x_{t-1} + Rcos(\theta_{t})}\\ \mathbf{ y_{t-1} + Rsin(\theta_{t})} \end{vmatrix}$$

## Wednesday, July 23, 2014

### Deriving Least Squares Error for Linear Regression

In this article we'll take a deeper look into machine learning, in specific we'll delve deeper into linear regression and see why we didn't just pull a rabbit out of a hat to get the cost function for linear regression, which is denoted by $$J(\theta) = \frac{1}{2} \sum\limits_{i=1}^m (h_{\theta}(x^{(i)}) - y^{(i)})^{2}$$