Max Ammann
blog projects publications about
  • Generating PDFs with QR Codes in the Browser
    Jan 6, 2022 · 5 minutes read
    Generating QR codes is supported by various high quality libraries. Generating PDF using JavaScript in browsers is also very well-supported nowadays. In this post I want to present a method which has the following features:
  • Linux Network File System Comparison
    Jan 6, 2022 · 9 minutes read
    TL;DR: Just tell me what to use! Mounting file systems over a network can be very helpful. For example if you have a NAS (Network Attached Storage) and want to make the remote files available locally.
  • Streaming JSON Data in Python
    Jan 6, 2022 · 3 minutes read
    RFC 7464 defines a text file format based on the popular JSON format. Its intention is to write JSON texts as a sequence delimited by some character. This can be especially helpful for structured logging using JSON.
  • Stencil Testing in WebGPU and wgpu
    Jan 4, 2022 · 9 minutes read
    Stencil testing refers to a technique in computer graphics programming which allows conditional processing of fragments. Stencil testing is closely related to depth testing which is used to determine which fragment precedence based on its depth within the scene.
  • Auto-connect to ADB Wireless Debugging on Android 11
    Jan 3, 2022 · 2 minutes read
    Background With Android 11 the method for connecting to Android phones via ADB over the network has changed. Unfortunately, the new method requires to know the port on which the ADB service on the phone is running.
  • Enable AddressSanitizer in Rust *-sys crate
    Jun 15, 2021 · 5 minutes read
    For our tlspuffin fuzzer we use Rust to implement the testing harness. The harness is statically linked to OpenSSL via the openssl-sys and openssl-src crates, where the latter just provides a Rust Build Script.
  • Inspect Secure Renegotiation using OpenSSL
    Jun 7, 2021 · 3 minutes read
    While trying to reproduce the implementation bug CVE-2021-3449, I had to implement secure renegotiation as specified in RFC 5746. Often it is unclear which RFC is responsible for specific protocol behavior.
  • Building OpenSSL with Determinisic Randomness
    Jun 2, 2021 · 3 minutes read
    TLS, like most cryptographic protocols, depend on random numbers to generate keying material. These numbers should come from a trusted and truly random source. While this is necessary for production use, for testing purposes it is beneficial to use a pseudorandom number generator (PRNG).
  • Distinction between Fuzzing Approaches for TLS
    Apr 12, 2021 · 6 minutes read
    Traditionally, fuzzing mutates bits and bytes. That means that the semantics of the protocol are not directly used to mutate the fuzzing input. Symbolic-model Guided Fuzzers fuzz on a more abstract level.
  • Dissecting TLS using OpenSSL and Wireshark
    Mar 23, 2021 · 24 minutes read
    TLS is a beast of a protocol with at least 50 extensions and over 20 years of history. This indicates that implementing can be challenging and that it is important to take a close look at its security.
  • Fuzzing Terminology
    Mar 21, 2021 · 7 minutes read
    Research in Fuzzing has gained a lot of traction in the last decade. A lot of open source fuzzers have been implemented and are available on Github. Everyone who already developed any application knows the pain of naming things.
  • React Native: Inverting a ScrollView
    Jan 6, 2021 · 1 minutes read
    Sometimes you want to have a ScrollView which scrolls from right to left or from bottom. This can be handy when you use calendar views which often to from present to past.
  • Keeping a Secret Safe (and not only Secure)
    Jan 5, 2021 · 9 minutes read
    Keeping a secret like GPG keys safe is not a trivial task. It gets even more complicated if you want to backup it and have access in the more distant future.
  • Ngrok Alternative for the Linux Geek (ndove)
    Oct 31, 2020 · 2 minutes read
    Link to the project: github.com/maxammann/ndove Sometimes you want to expose a port running on localhost to the internet. This can be challenging because of multiple reasons: Your internet provider does not provide you with a unique IPv4 address There is a firewall between you and the internet through which you can not poke holes You do not want to modify your system just to expose some port There are commercial platforms which offer this as a service like Ngrok.
  • Tell apart Fixer and Developer in Analog Photography
    Oct 31, 2020 · 2 minutes read
    This probably happens to every analog photographer sooner or later. You finished developing your black and white film and you don’t remember in which container the used developer and in which the fixer is.
  • Flashing Firmware on PCEngine APUs using a Raspberry PI
    Apr 19, 2020 · 4 minutes read
    If is possible to flash a new firmware from Linux or BSD on an APU embedded system. If the system no longer boots because the board war bricked during a firmware upgrade then you have to flash the flash memory directly over SPI.
  • Docking Rule for ThinkPad Thunderbolt 3 Dock Gen 2
    Apr 11, 2020 · 3 minutes read
    It is very convenient to switch between different monitor layouts when using a laptop with multiple external monitors. A very good guide can be found on GitHub Gist by seanf. This post should contain the necessary information for getting it to work on a ThinkPad Thunderbolt Dock.
  • Routing Docker Container over a Specific Host Interface Like a VPN
    Apr 2, 2020 · 8 minutes read
    A docker setup can be very helpful when trying to separate services if they are not packaged otherwise. We don’t only want to separate configuration in this post, but also the network configuration.
  • Notes about Setting up a SCSI Nikon LS-2000 Scanner on Windows 10
    Mar 28, 2020 · 3 minutes read
    VueScan for the Nikon LS-2000 offers a future proof way of using old scanners over the legacy SCSI standard. The not that small Small Computer System Interface is not easy to setup in 2020.
  • Data Visualization of Telegram messages (Encrypted Chats)
    Mar 25, 2020 · 4 minutes read
    We are going to visualize the timestamps of messages in the Telegram database. This also includes encrypted chats as we analyze the SQLite database of the app. Obtaining the database We pull the database of Telegram using the ADB tool.
  • APU: Flash Coreboot on APUs using Tiny Core Linux
    Jan 28, 2020 · 1 minutes read
    The documentation about setting up Tiny Core Linux to flash a new coreboot version on APU boards is quite outdated. If you are interested in flashing the APU using a Raspberry PI then head over to this post.
  • Armbian: Encrypting the Root Partition
    Jan 21, 2020 · 3 minutes read
    This guide is tested on Armbian 20.8 The default Armbian images do not offer an encrypted root partition. Unfortunately it is requied to build the image yourself inorder to use LUKS on your root partition.
  • Lenovo T490: Using the new Synaptics firmware for the Fingerprint Reader
    Dec 23, 2019 · 2 minutes read
    The firmware and drivers for the Fingerprint Reader for Linux are finally ready as promised a few months ago. I’m not sure whether this was an accomplishment of Lenovo of the open-source community ¯_(ツ)_/¯.
  • Scanning Black and White Negatives: VueScan and Post-processing
    Sep 22, 2019 · 7 minutes read
    I recently got my hands on a Nikon Coolscan 2000 (LS-2000) scanner. The drivers and the scanning software VueScan is distributed by Hamrick Software. The original software Nikon Scan is discontinued.
  • Verifying a Yubikey for genuity using common tools
    Sep 4, 2019 · 6 minutes read
    I received a free Yubikey from an untrusted source on the CCCamp 2019. Therefore I looked for a way to verify its authenticity. The device appeared physically to be an original and not tampered with.
  • Using Telegraf and InfluxDB on pfSense with Let’s Encrypt Certificate
    May 3, 2019 · 3 minutes read
    I had problem to connect a InfluxDB from the pfSense because of a invalid certificate chain. The main problem here is that if you are configuring Telegraf with the pfSense UI then you are not using the system certificate chain (on FreeBSD that is /etc/ssl/cert.
  • Mounting qcow2 Images
    Apr 14, 2019 · 1 minutes read
    If you previously converted a raw image using qemu-img convert to a qcow2 image you maybe want to mount it to retrieve and modify data: 1modprobe nbd max_part=8 2qemu-nbd --connect=/dev/nbd0 db1_old.
  • Cross-compiling ROS Melodic for Raspbian (ARMv6)
    Apr 13, 2019 · 9 minutes read
    Disclaimer: This is probably not a step by step guide because there are a lot of dependencies involved. I tried to cover all the important aspects of cross-compiling ROS or actually any other software for Raspbian and ARMv6.
  • Installing ROS on virtual Raspberry PI Zero
    Mar 31, 2019 · 3 minutes read
    This post represents a slow way to compile ROS. In a new post I show how to crosscompile ROS. This post should guide you through the process of compiling ROS on a virtualized Raspberry PI Zero.
  • Setup the Ethernet gadget of PI Zero with dnsmasq
    Mar 31, 2019 · 1 minutes read
    Sometimes it makes sense to connect to the PI Zero by using the g_ether kernel module. This connection is way more reliable than the WiFi connection in certain environments. The setup is quite simple.
  • Basics for a simple slack bot which crawls websites
    Mar 22, 2019 · 2 minutes read
    Writing a slack bot which pushes content to a workspace is quite simple and fast to do. So if there is an updating piece of information in the internet from which your teams needs regular updates this is an easy.
  • Ngrok alternative for the Linux Geek
    Mar 22, 2019 · 3 minutes read
    I created a updated guide here! Sometimes you want to expose a port running on localhost to the internet. The use of NAT with IPv4 or firewalls make it difficult to expose a port.
  • Party PI: Solves the issue of different music tastes!
    Mar 22, 2019 · 2 minutes read
    At the company I work at we sometimes throw a party to celebrate the day! Unfortunately we have very different tastes of music. So solve that I setup a Raspberry PI so everyone can vote for their music.
  • CTF: Fun with Hardware and Software breakpoints in GDB
    Dec 23, 2018 · 4 minutes read
    I did the orw challange on pwnable.tw yesterday. It is very streight forward. You just have to send some x86 shellcode to stdin and the orw binary will execute it.
  • Jira: Invalid Server ID
    Nov 21, 2018 · 1 minutes read
    In case you migrated from Jira Cloud to the self-hosted version your server id probably got corrupted. You can revert this by searching your Jira logs for the ID and manually change it in the database.
  • pfSense: Installing on an APUC4
    Apr 8, 2018 · 2 minutes read
    Preparation Hardware requirements An USB stick (2.0 or 3.0 should work both) RS232 serial to USB adaptor (chipset PL2303 works fine on linux) (I went with this) RS232 null modem cable D-Sub (I went with this) APU2C4.
  • libav: Visualize audio in a spectrum using libavcodec
    Jun 18, 2015 · 5 minutes read
    Visualizing audio can be quite complicated if you suffer the mathematical premises. But with some trial-and-error the final code is not that complicated. You start by defining a few data structures:
  • MPD: Using beets to manage your music!
    Jun 9, 2015 · 2 minutes read
    MPD is an excellent way to play your music collection, but you do not want to depend on MPD or its database. Maybe you want to use your library also in other playback programms.
  • C: Processing and playing PCMed audio
    Mar 15, 2015 · 2 minutes read
    Playing compressed audio contains can be quiete complicated and needs some process power. So I’m going to start to play .WAV, .AIFF and raw PCM data. The first step will be to read a container format and decode the contained audio stream.
  • Conky: Display window title
    Mar 7, 2015 · 1 minutes read
    When using a tiling window you often want to hide the title bar of windows to achive a nicer look and save some space. But at the same time you don’t want to miss important information which sometimes is only exposed through the name of a window which is displayed in the title bar by default.
  • Pulseaudio: Synchronize Master and PCM
    Feb 15, 2015 · 1 minutes read
    PulseAudio is a network-capable sound server hosted at freedesktop.org. Supported operating systems include Linux, the BSDs, Solaris as well as Microsoft Windows. Problem I experienced some weird behaviour with my Logitech: Z10 speakers.
  • Unicode: Mess with characters and fonts.
    Jan 17, 2015 · 2 minutes read
    Can you see this symbol? 🔊 Nice, this means you have a good set of fonts and a good browser. Mostly easy so view a good part of the Unicode Character Set.
  • RPi Matrix #3: Render vector fonts on a 2D Matrix
    Jan 16, 2015 · 8 minutes read
    Rendering fonts was a pain in the ass! Took me some time to get around with all these glyphs, transformations and bitmaps. Nonetheless, let’s get started! Setting up FreeType2 Just include
  • RPi Matrix #2: C!
    Jan 15, 2015 · 6 minutes read
    Next step is going to be to find a way to render stuff on our matrix! Data structures Register output: io-bits (For RPi Model B Rev2) 1union io_bits { 2 struct { 3 bits_t unused : 2; // 0-1 4 bits_t output_enable_rev2 : 1; // 2 5 bits_t clock_rev2 : 1; // 3 6 bits_t strobe : 1; // 4 7 bits_t unused2 : 2; // 5.
  • C: UTF-8 to wide character
    Jan 11, 2015 · 2 minutes read
    In my “RPi Matrix” project I wanted to render UTF-8 fonts on a 2D-Raster. To rasterize and vector fonts I used a library called FreeType, which accepts unsigned long* as input to render a single character.
  • RPi Matrix #1: Getting this project started!
    Jan 11, 2015 · 2 minutes read
    So let’s get this project started. My goal is to create some shiny physical device which allows me to display some super awensome stuff, control my desktop computer. Input will be handled by an Android app.
github rss email gpg asc
git HEAD
Attribution 4.0 International (CC BY 4.0)