Placement new

I am still intrigued by the use of malloc() and “placement new” to create objects on the heap in C++. Placement new allows you to construct an object at a particular location in memory, that is, in memory that has already been allocated.

malloc() only allocates the requested amount of memory and returns a pointer to it, whereas new combines malloc() with a call to the object’s constructor, which initializes the object. In order to use malloc() with a class, you have to explicitly call the object’s constructor, as well as explicitly calling the object’s destructor!!!

Please do not use placement new unless you really need to place an object in a specific part of memory.
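As an added example (not code from the original post), here is the full malloc() / placement new / explicit destructor / free() sequence described above, using a hypothetical Session class so the constructor and destructor calls are visible:

```cpp
#include <cstdio>
#include <cstdlib>
#include <cstring>
#include <new>

// Hypothetical class for the demonstration: its constructor and destructor
// print a trace so the two explicit steps placement new needs are obvious.
struct Session {
    char user[16];
    int  token;

    Session(const char* name, int tok) : token(tok) {
        std::strncpy(user, name, sizeof(user) - 1);
        user[sizeof(user) - 1] = '\0';   // always NUL-terminate the copy
        std::puts("Session constructed");
    }
    ~Session() { std::puts("Session destroyed"); }
};

// Construct a Session inside raw memory from malloc(), read a field back,
// then tear it down in the correct order. Returns the token read through
// the constructed object (or -1 if malloc() failed) so it can be checked.
int placement_roundtrip(const char* name, int tok) {
    // 1. malloc() hands back uninitialised bytes; no constructor has run yet.
    void* raw = std::malloc(sizeof(Session));
    if (raw == nullptr) return -1;

    // 2. Placement new runs the constructor *in* that memory; it allocates
    //    nothing itself.
    Session* s = new (raw) Session(name, tok);

    int result = s->token;

    // 3. The destructor must be called explicitly: there is no "placement
    //    delete", and neither free() nor delete would do this for us.
    s->~Session();

    // 4. Only now release the raw block, pairing free() with malloc().
    std::free(raw);
    return result;
}

int main() {
    return placement_roundtrip("alice", 42) == 42 ? 0 : 1;
}
```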


Unturned Editor for OSX [Preview]

Unturned is a sandbox multiplayer game much like Minecraft. It was recently Greenlit on Steam and gained a huge amount of popularity in the following few days. The game currently saves player data in the registry (on Windows), which I thought was a bit strange. It turns out the developer used PlayerPrefs from Unity.

The key value needs to be converted into Windows-1252 encoded bytes, then decoded as if it were encoded in UTF-8. Each character’s Unicode code point then needs to have 32 subtracted from it. Then we take every character modulo 255, so that we get an ASCII character. You can read more about the encoding/decoding process here.

On Macs, save data is actually stored in a .plist file, which can be parsed and only needs to be decoded as if it were UTF-8 encoded. Here is a prototype application which parses the .plist file and displays the decoded ‘inventory_’ value. We can then edit this string to give the player any item, ammo, etc.

Coded in C/C++



The source code has been released on GitHub. To be honest, this is something I probably won’t be maintaining anymore.

Download Link:




This is a simple file integrity monitor/scanner. I started this after the BlackShades incident. I thought it would be a fun project to do, and a great way to learn more about file I/O.
I stopped playing TF2 for a whole day for this?!?!?! ohmygherd so OP.



I was bored, so I rewrote the Qt calculator example with a new ‘engine’ and the ability to define expressions with parentheses. I will probably add more features for the lawlz. Nuff said.



Ultron is an automatic homework fetcher/parser. I started working on this to reinforce what I learned using Qt. Too bad I don’t have access to my Moodle account anymore; time to add new features.

All of my GUIs look simple and plain. That will be something I will work on when I have time. Learning Qt is pretty fun :)




I am learning how to use the Qt Framework for creating GUIs on Linux. My second application is really simple. I call it Moose. This works the same way as , except everything is on your own computer, and you don’t have to worry about a third party.

Moose utilizes your local MTA to send emails. A simple GUI allows you to change the To:, From:, Name: and Subject: headers. Depending on how you have your /etc/hosts set up, sending time will vary from a few seconds up to a minute.



Rootkits: Subverting the Windows Kernel [Source/PDF]

This is an extremely useful book on rootkits: Rootkits: Subverting the Windows Kernel


It took me a while to find all of the source code examples in the book, since has been taken down, and that is where the book directs you to download them from.

These are the examples listed in the book:


Development of a simple x64 operating system is now in progress! Matt and I are working on creating a PDF that will explain the methodologies of its boot/load/run process, as well as releasing the source code on GitHub. More information can be found here.

Please visit our forums for questions.


This is an example of a simple P-warrior: a program that stores values in P-space, which determine which strategy it will use.

Execution starts at res, where the value -1 is loaded into the B-field. Execution continues to the label ‘str’. The A-field of _STR is #0, and str1 is 5 addresses forward, therefore the line for ‘str’ is ldp.a 0, 5. Location 0 in P-space is equal to -1, therefore ldp.a changes str1’s A-field to -1.

Execution then continues to the if condition sne.ab #0, res. This checks whether the A and B fields are equal: if they are, the next instruction is executed; if not, it is skipped. Since res is equal to -1, they are not equal, so the ‘lost’ label is skipped.

mod.a #2, str1 performs the operation -1 % 2 = 1, making str1’s A-field equal to 1.

stp.ab str1, _STR stores the value 1 into location 0 in P-space, since str1’s A-field is equal to 1 and _STR is 1, which points to str1. And since str1’s B-field is equal to 2 (imp is two addresses forward), this stores 1 into P-space location 2.

Now execution continues to the str1 label:
jmp @1, 1
The @1 signifies that jmp’s B-field now points to dat 0, stream’s B-field, which is equal to 2.
So str1 becomes:

jmp 1+(2), 1

Execution jumps to the stream label, and since djn.f’s A-field is a direct/immediate value, it will continuously jump to itself.

It goes 11 addresses back, decrements the B-field of that address, and then jumps from the B-field of that address.