
Serhii Nadtochii

General

City: Dnipro, Ukraine
Email: cv@altucor.com
Languages: Ukrainian, English
Position: Software Researcher


Summary

I'm a highly experienced developer with more than 7 years of software research, reverse engineering and software development. I was involved in various projects at different stages, solving tasks related to: system development, networking, performance, protocols, filesystem, embedded. I have experience working on different desktop operating systems and with hardware platforms. I always like to learn something new and solve interesting tasks.


Skills

  • Reverse engineering tools: IDA, Frida, radare2, Ghidra, LIEF, ImHex, binwalk, APIMonitor, dnSpy

  • Software development: C/C++, Python, JavaScript (basics), Golang (basics), C# (basics)

  • Network analysis and RE tools: Wireshark, Fiddler, Charles, tcpdump, etl2pcap

  • Hardware and embedded: Digital electronics, Multimeter, Logic Analyzer, Oscilloscope, UART, I2C, SPI, MIDI, CRSF, AVR8/Arduino, STM32, ESP8266/ESP32, RaspberryPi, Low speed digital electronics design and manual manufacturing, firmware extraction

  • Frameworks and libraries: QT, boost, OpenSSL, MbedTLS, msquic, picojson, imgui

  • Operating systems: Windows, macOS, Linux (mostly Debian-based)

  • Virtualization: qemu, Proxmox, VirtualBox, Hyper-V, VMWare

  • Quality and performance control: Valgrind, Google Address Sanitizer, Google Thread Sanitizer, gtest, Instruments (macOS)

  • Methodologies: Agile/Scrum, Waterfall, Test driven development, Pair programming, static and dynamic reverse engineering, black box analysis

  • IDE: Visual Studio, Qt Creator, VSCode, XCode

  • Other: Virtualization of VM and containers, self-hosting various services, databases (SQL, Mongo), web servers, network and firewall configuration


Employment

Apriorit :: Software researcher and developer :: Jan 2018 - Present


Projects

MS Office software protection

  • Role: C++ developer, Researcher
  • Technologies & Tools: C++, Windows COM, WinDBG, IDA
  • Summary: I was part of a team dedicated to implementing a protection mechanism for the MS Office suite. I was digging into Windows internals, researching how the mechanisms work, developing some features in C++ and was involved in the analysis of Windows user-space application crash dumps in WinDBG.

Smart battery protocol RE

  • Role: Reverse engineer, Researcher, Python developer, C/C++ Developer
  • Technologies & Tools: IDA, Python, RaspberryPi, Rock64, UART, Multimeter
  • Summary: My task here was to reverse engineer and restore interesting parts of a UART-based communication protocol. I was using IDA to reverse engineer the firmware of the smart battery BMS controller and then implementing a PoC and the final application in Python. I was using a RaspberryPi for UART communication, research and development of the solution. Partially participating in other tasks related to C/C++ implementation and bug fixing. Configuring Linux for the Rock64 SBC, configuring the device tree file.

Vulnerability research

  • Role: Reverse engineer, Researcher
  • Technologies & Tools: IDA, JavaScript
  • Summary: Researching JavaScript-based vulnerabilities, implementing PoCs, investigating how they can be applied and how to mitigate them.

iOS iCloud authentication RE

  • Role: Reverse engineer, Researcher, C/C++ developer
  • Technologies & Tools: IDA, Fiddler, Charles, C++, Qt, Python
  • Summary: I was working on researching the iCloud authentication protocol. Analyzing network sniffs with Fiddler and Charles, also performing executable binary analysis with IDA. Developing Python scripts as a PoC, final solution implementation in C++ with Qt library support.

iOS kernel RE

  • Role: Reverse engineer, Researcher, C/C++
  • Technologies & Tools: IDA, C/C++, device tree, Python, binary analysis, qemu
  • Summary: Researching iOS kernel internals, boot sequence, iBoot. Analyzing possibilities of running iOS on virtual hardware. Researching interrupt controller and PCI capabilities for extendability of usage.

Research communication protocol and development of servicing tool for medical device

  • Role: Reverse engineer, Researcher, C++ developer
  • Technologies & Tools: IDA, C++, UART
  • Summary: Researching a custom, device-specific communication protocol based on UART. Reverse engineering firmware in IDA and implementing a PoC and the final solution in C++. Applying software protection techniques and sophisticated UART error handling.

Remote desktop protocol RE

  • Role: Reverse engineer, C developer
  • Technologies & Tools: IDA, C/C++, CMake, MbedTLS
  • Summary: Researching a proprietary remote desktop control protocol. Reverse engineering an x86-64 binary. Restoring authentication, cryptography, packet structures. Implementing a compatible C application.

iOS applications RE

  • Role: Reverse engineer, Researcher, Python developer
  • Technologies & Tools: IDA, radare2, Python, Instruments (macOS)
  • Summary: Reverse engineering and researching iOS applications, applying static and dynamic analysis. Researching old (Obj-C) and new (Swift) applications. Developing automation tools in Python.

Extending legacy medical device life time

  • Role: Researcher, Reverse Engineer, C/C++ developer
  • Technologies & Tools: C/C++, dnSpy, Arduino, STM32, Multimeter, Logic Analyzer, Oscilloscope
  • Summary: Researching a medical device, decomposing and understanding the block diagram of its modules. Analyzing the PCB, tracing lines with a multimeter, sniffing protocol communication with a logic analyzer and oscilloscope. Extracting firmware, analyzing and reverse engineering binaries. Reverse engineering MCU communication protocols based on UART and I2C. Implementing a PoC partial solution on Arduino. Implementing the final solution in C firmware for STM32.

Binary data analysis

  • Role: Researcher, Reverse engineer
  • Technologies & Tools: imhex, CyberChef, Python
  • Summary: Researching a binary data format, analyzing the blob in a hex editor, researching ideas via CyberChef and implementing a PoC binary data decoder and simple viewer in Python.

Windows Kernel Driver development

  • Role: C++ developer, Researcher, Reverse engineer
  • Technologies & Tools: C++, WinDBG, IDA
  • Summary: Implementing filesystem, network and other features in a Windows kernel driver. Investigating kernel BSODs. Conducting research for specific feature requests.

Research & RE of network hardware authentication algorithm

  • Role: Researcher, Reverse engineer
  • Technologies & Tools: PCB analysis, Multimeter, Logic Analyzer, UART, binwalk, imhex, CyberChef, IDA, C++
  • Summary: I was performing PCB analysis of the device. Researching potential weak places for attack. Performing firmware extraction and further decomposition and analysis. Narrowing down the search area in the firmware and performing reverse engineering of key binaries to find the authentication algorithm. Implementing a PoC C++ tool which can generate an authentication blob based on specific input.

Personal Projects

midi-to-mikrotik-converter

  • Role: C/C++ Developer
  • Link: https://github.com/altucor/midi_to_mikrotik_converter
  • Technologies & Tools: C/C++, CMake, hexeditor
  • Summary: Development and occasional support of a utility which converts MIDI files to MikroTik script files. These script files can be played on MikroTik routers which have a beeper on board. The community usually wrote these scripts manually, and it's a pain to track all the delays between notes and the frequency values. I liked the idea of playing some music on my router, so I decided to automate this process and make this utility public.

libmidi

  • Role: C developer
  • Link: https://github.com/altucor/libmidi
  • Technologies & Tools: C, CMake
  • Summary: I needed a MIDI library which can handle streams and files, on desktop and on MCU, with pretty much the same API. I also wanted to gain knowledge about MIDI, so I decided to write my own library, improve it in the future and use it in different projects.

Global Agenda server

  • Role: Researcher, Reverse engineer, C++ developer
  • Link: https://github.com/altucor/global-agenda-server
  • Technologies & Tools: IDA, C++, Wireshark
  • Summary: I was actively playing Global Agenda around 2010-2013. After a long pause, one evening I wanted to play it again and found out that the servers don't work anymore. After a bit of research I found confirmation of that: the servers were shut down due to the small player base. So I decided to prolong this journey for myself and train again in reverse engineering and research. The repo contains just the TCP part of authorization. In that way I wanted to host my own local server and redirect all game requests to it.

HTTP Knocker

  • Role: Golang developer
  • Link: https://github.com/altucor/http-knocker
  • Technologies & Tools: Golang, networking, iptables and firewalls, Proxmox virtualization
  • Summary: First of all, I wanted to try Go in some kind of project. Secondly, I had the idea of an automated knocking system which opens a port for a specific IP only after it gets a “knock-knock” at a specific URL. The idea was to have it as a separate tool which orchestrates different kinds of routers and firewalls by opening ports for IP addresses for a specific time window.

Subtractive synthesizer in software and hardware

  • Role: C developer, Researcher
  • Link: not-public
  • Technologies & Tools: C, imgui, QT, STM32
  • Summary: I've had a long-time interest in audio processing, so I decided to implement my own synthesizer in C so I can run it on ARM and x86 by only adjusting I/O. I was able to implement a subtractive-wavetable synthesizer with ADSR, Cutoff, Limiter effects, advanced I/O mapping and an interface based on imgui. An additional tool for simulation and research was also implemented in C/C++ and Qt.

Education

  • 2013 - 2017: Computer science Bachelor's degree, NMetAU (National Metallurgical Academy of Ukraine)

  • 2017 - 2019: Computer science Master's degree, NMetAU (National Metallurgical Academy of Ukraine)

Author: ALTUCOR