Corkami

Hi newcomers! I've been contributing to Magika since 2023 (it became public in 2024). Magika is not AI slop: it's useful in its own way, and used in production. The recent Rust release doesn't change how Magika is fundamentally working.

This repository offering in depth dissections of binary file formats, including PE, ELF, Mach-O, and more. An essential resource for reverse engineers and developers to uncover the structure of executables and libraries. github.com/corkami/pics

😊

In PagedOut 6, I showed many PDF tricks by dissecting a crazy yet fully working handmade “Hello World” PDF file.

I made in PagedOut 6 an illustration on the basics of the PDF format.

New year resolution #2: ✅ try streaming. Week #1: From PDF basics to PoC||GTFO polyglots. Thanks to everyone for the support!

After the next stream, I'll start redoing my first streams in french! You'll have time to catch up in the meantime. I'll resume english streams afterwards. Après le prochain direct, je referais mes 7 premiers directs, mais en français cette fois! Partagez SVP!

Today, I crafted manually tiny polyglot files as easy examples. In my next stream (tomorrow @ 9PM CET), I'll walk through some real polyglots: the releases of PoC||GTFO. youtube.com/live/POg2Qpxbp…

lately @corkami has been dropping some fire content

My stream about crafting a PDF file from scratch is over. youtube.com/live/q6KgFezu8… It was pretty chill to take the time to answer questions, thanks again for joining!

Let’s try something new in 2025… This saturday at 8pm CET, I'll stream about crafting a valid PDF file from scratch. We’ll see how it goes!

I presented about file formats at #38C3. Thanks for the feedback everyone! speakerdeck.com/ange/fearsome-…

The Woff v2 format pushes things further: standard tags are now implicit via an enum, tables-specific transformations are applied to improve compression, and Brotli compression (2013-) is used.

The Woff (Web Open Font Format) is an alternate form of TTF/OTF, in which tables are typically compressed individually w/ Zlib. Besides, the content remains similar and Woff files can be turned back to TTF/OTF.

OTF (OpenType) fonts files are similar to TTF: The version looks like a magic, similar directory / table structure, some tables are shared w/ TTF (OS/2, maxp, cmap...), some are exclusive (CFF ^ glyf, loca).

TTF fonts spaghetti: - the number of elements in the glyf table is set in the maxp table. - the relative offsets of the elements in the glyf table are given by the loca table. - the format of the loca table is specified in the head table.

TTF (and vector fonts in general) are very complex. A tiny font with a single defined glyph made of a single rectangle... 0x590 (1424) bytes! They even contain some bytecode!

TTF (TrueType fonts) have no magic, start directly with a directory table pointing to each tagged-tables. The format is uncompressed, many tables start with a version number. Standard software can add their own custom tables (ex: FontForge).

BPG - Better Portable Graphics - was created by Fabrice Bellard (LzExe / FFMpeg / QEmu...) and has a very compact header with variable integers, yet it has a proper magic.

Binary properties list is a serialization format with a PDF-like structure: a magic, a trailer, an xref table, and objects referencing each others. Which makes it easy to move objects around or overlap them.