Welcome to delroth.net!

About me

Resume (PDF)

I am Pierre Bourdon, a french hacker currently living and working in Zurich, Switzerland. I was previously studying Computer Science at EPITA, a french CS school located near Paris. I'm interested in all things related to programming, networking, infosec and reverse engineering.

I was previously part of a student laboratory called LSE (french acronym for Epita Systems/Security Laboratory) where I have the luck of being able to spend about half of the time I should spend on school projects working with great people on projects related to operating systems, computer security, and a lot more low-level domains. I did several talks during my time there in order to introduce other students from the school to my work and interests:

Some of us students at the lab take part in CTF security contests, in which we usually perform reasonably well. Our rankings are available on the CTF contests aggregator CTF Time.

On my free time I also contribute to open source projects. I am currently one of the Dolphin Emulator core developers where I work mostly on bugs fixing and emulation accuracy improvements. I also contributed a lot to stechec2, a client-server AI matchmaking system used to run Prologin, the french national programming contest. Finally, I also work on some of my own projects, of which the most notables are the following:

Articles

Here is a short list of articles I've written that I consider interesting and/or noteworthy:

(Mar 2013) Escaping a Python Sandbox
Writeup explaining how I solved a security contest exercise with internal Python magic (crafting types and code objects to get access to stack frames).
(Dec 2012) Emulating the Gamecube Audio Processing in Dolphin
A dive into how audio processing is commonly done on two Nintendo consoles: the Gamecube and the Wii. This article explains why exactly audio processing is hard to emulate properly, why the previous implementation was lacking and the work I've done in a new implementation to solve these shortcomings.
(Oct 2012) Writeup: Zombies PPTP (Hacklu CTF 2012)
Writeup of an interesting challenge involving hash cracking and clever bruteforcing in order to recover the plaintext from a kind-of-MSCHAPv2 implementation.
(Jul 2012) Using SAT and SMT to Defeat Simple Hashing Algorithms
How to transform a broken hash algorithm into a logic formula that can be solved in seconds using a SAT solver. Good example of why you should never try to write these kind of algorithms yourself.
(May 2012) PythonGDB Tutorial for Reverse Engineering
First and last article of a series that I planned to write on PythonGDB uses in my reverse engineering work, sadly I never found the motivation to write more (about topics like tracing automation, for example). Still, this is a pretty nice introduction to what's possible with the PythonGDB API.
(Apr 2012) Static Analysis of an Unknown Compression Format
Taking an unknown binary compression format and staring at it long enough until it makes sense. This was a very fun experience for me since I never really knew much about compression before working on this reverse engineering work. This article should be very interesting if you're interested in how reverse engineers think when confronted with a new problem they don't know.
(Mar 2012) More Fun with the NDH2K12 Prequals VM
Escaping and exploiting a VM running with ASLR and NX enabled, using /proc/self/mem to bypass memory write protections (very cool trick that is unfortunately not that well known).

Links