general writing revisions
robalb committed May 17, 2024
1 parent 970a92c commit ad29de3
Showing 3 changed files with 37 additions and 47 deletions.
51 changes: 30 additions & 21 deletions astro-website/src/pages/posts/camac-cc32.mdx
Expand Up @@ -14,17 +14,19 @@ information required to write C programs that interface to CAMAC systems, withou

## What is a CAMAC system?

CAMAC is a [modular crate system](https://en.wikipedia.org/wiki/Modular_crate_electronics) used in the nuclear and particle physics industry for data aquisition. <br/> In practical terms a CAMAC system is a metallic cabinet, called a **CRATE**, in which electronic modules can be inserted.
CAMAC is an ancient [modular crate system](https://en.wikipedia.org/wiki/Modular_crate_electronics)
used in the nuclear and particle physics industry for data aquisition. <br/>
In practical terms a CAMAC system is a metallic cabinet, called a **CRATE**, in which electronic modules can be inserted.

A CRATE has 24 stations, numbered 1-24 in which a module can be inserted.<br/>
A CRATE has 24 stations, numbered 1-24 in which modules can be inserted.<br/>
station 25, the rightmost station, is reserved for a **CRATE CONTROLLER** whose
purpose is to issue **CAMAC COMMANDS** to the modules and transfer information between a computer and the modules.

In this article we are going to focus on a specific CRATE CONTROLLER: the
[PCI-CC32](https://manualzz.com/doc/o/a55u3/manual-cc32-controller)
from ARW Elektroniks Which connects to a Linux computer.
from ARW Elektroniks Which connects to a Linux computer. This happens to be the setup in a nuclear physics lab at UniMib.

<Picture src="camac-crate" height={490} alt="A bright red web page showing an error message: Your request have been blocked! We detected an attept to attack this website. mod_insecurity online protection™ blocked your request. Your request have been logged. Logged requests: 17265 " />
<Picture src="camac-crate" height={490} alt="A metallic cabinet containing electronic equipment." />

_Highlighted in this picture: A CAMAC CRATE in the wild. Station 12, 16, and 21 are occupied by some modules.
Station 24-25 is occupied by the CRATE CONTROLLER. You can see the cable that connects it to the computer._
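Review bot: "aquisition" in both the old and the rewritten intro line should be "acquisition", and "Which" in "from ARW Elektroniks Which connects to a Linux computer" should be lowercase with a comma before it, since it continues the sentence. Both typos survive the revision, so they are worth fixing while these lines are being touched. Replacing the alt text is the right call: the old alt text described an unrelated error page rather than the crate in the picture.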
Expand Down Expand Up @@ -76,26 +78,22 @@ As always, the way a module reacts to Z, I, or C commands is described in its do

### Controlling a CAMAC crate with a C program

> We are going to assume that the libcc32 library and driver are already correcly installed on your computer. In other words: Someone already installed everything, you only need to figure out how things work. This is common in most lab setups.
We are starting with the assumption that the libcc32 library and driver are already correcly installed on your computer.
In other words: Someone already set up everything, you only need to figure out how things work.

#### connecting to the crate

In Linux everything is represented as a file. That's right, even the internet is a file! You shouldn't be surprised that this includes CAMAC crates.<br/>
When a crate is connected to the computer it appears as a special file in the `/dev` folder, usually called cc32_1.
If you have multiple crates connected to your computer, you will see multiple files in the `/dev` folder.
You can find them by running the command `ls /dev` in a terminal.

If you've ever written a C program that reads from a file these concepts will be very familiar to you:
Normally, when you want to interact with a file you need to open a connection to it and store it in a special FILE variable, also
referred to as FILE handle.

Similarly, if you want to interact with a crate you need to open a connection to it and store it in a special CC32_HANDLE variable.
When the libcc32 driver is installed on the computer and a camac crate is connected,
the crate should appear as a special file in the `/dev` folder, usually called cc32_1.
If you have multiple crates connected to your computer, you will see multiple files with a similar name in the `/dev` folder.

In practical terms this can be done with the following code
The first step is therefore to identify the name of the crate. You can do it by running the command `ls /dev`.
In our example the crate is associated to a device file called `cc32_1`.

The next step is to write a c program that connects to that crate, does nothing, then quits.

```c
// program.c
#include "libcc32.h"

//the device file where your CAMAC CRATE can be accessed
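Review bot: "correcly" in the rewritten assumption sentence should be "correctly"; the typo is carried over from the removed blockquote. Two smaller consistency points in the new text: "write a c program" should read "C program", and "a camac crate is connected" should use the uppercase CAMAC that the rest of the post uses.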
Expand All @@ -115,23 +113,33 @@ int main(int argc, char *argv){

/*
*
* put the rest of the code here
* we'll put the rest of the code here
*
*/

//close the connection to the crate
cc32_close(&handle);
}

```
This program should compile and close without errors.
```
gcc program.c -o program

./program
```
#### Read and Write commands
Once you have an open connection to the crate, you can use the functions defined in the library to execute two type of commands:
- **WRITE** commands: they are composed of N, A, F, and the additional data that you want to write into the selected module.<br/>
Use write commands for all function codes >= 16, even if they don't expect any data: just set the data parameter to 0, it will be ignored.
They are called write commands, but that's just a bad naming choice. You are actually supposed to use them for all
function codes >= 16, even if they don't expect any data: just set the data parameter to 0, it will be ignored.
```c
/**
Write 16 bits to an adress made out of N,A,F
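Review bot: the context line `int main(int argc, char *argv){` declares argv as a single `char *`; the standard signature is `int main(int argc, char *argv[])` (or `char **argv`), and since the program never reads its arguments `int main(void)` would be the simplest correct form. Smaller points in the added text: the build/run fence has no language tag while the surrounding fences are tagged `c` (a `sh` tag would do), "compile and close without errors" presumably means "compile and run", "two type of commands" should be "two types of commands", and "adress" in the cc32_write_word comment should be "address".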
Expand All @@ -147,7 +155,8 @@ Once you have an open connection to the crate, you can use the functions defined
cc32_write_word(handle, N, A, F, data);
```
- **READ** commands: they are composed of N, A, F, and they return some data from the selected module<br/>
Use read commands for all function codes < 16, even if they don't return any data
They are called read commands, but that's also just a bad naming choice. You are supposed to use them for
all function codes < 16, even if they don't return any data.
```c
/**
Read 24 bits from an adress made out of N,A,F and get the Q and X responses
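Review bot: "adress" in the cc32_read_long_qx comment should be "address", the same typo as in the write block's comment. The rewritten sentence explaining that function codes below 16 go through read commands even when no data is returned reads clearly and is a good improvement over the terse original.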
Expand All @@ -168,7 +177,7 @@ Once you have an open connection to the crate, you can use the functions defined
Note: This number will never be negative
This function may fail at reading data
The reading was successfull only if the Q and X responses are both equal 1
The reading was successfull only if the Q and X responses are both set to 1 by the function.
*/
unsigned long data = cc32_read_long_qx(handle, N, A, F, &Q, &X);
```
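Review bot: "successfull" in the rewritten line should be "successful". Since the new wording says Q and X are "set to 1 by the function", the comment would be clearer if it also said that Q and X are output parameters passed by address, which the `&Q, &X` arguments in the call show but the text never states.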
18 changes: 7 additions & 11 deletions astro-website/src/pages/posts/pingctf-calc.mdx
Expand Up @@ -113,12 +113,13 @@ Next, we can convert all invalid characters into Unicode sequences:
\u{03c}img\u{020}src\u{3d}1\u{020}onerror\u{3d}alert\u{020}\u{3E} = 1+1
```

Inject it into the page, and...<br/>
Inject it into the page, and voilà we successfully injected html:<br/>

```html
<div id="output">Invalid Identifier name: <img src=1 onerror=alert(1)></div>
```
Boom! The image is created, but we get a CSP error

There is only one issue: The image is created, but we get a CSP error

### The correct solution

Expand All @@ -131,14 +132,9 @@ style-src-elem 'self';
script-src 'self' 'unsafe-eval';
```

The policy blocks any kind of attack on the `innerHTML` flaw, including the Identifier trick we covered and other similar ones that exploited returned strings or inconsistencies in parsing comments.

In the end, the correct solution involved a logic error that made it possible to bypass the AST validation. A full writeup of the exploit is [available here](https://gist.github.com/egonny/4dbf5151f99059ae58cf9390c7cc3830)

To solve this challenge i lost a lot of time looking at parser inconsistencies without realizing that the CSP was making them completely useless, eventually losing a lot of precious time.<br/> I didn't manage to solve the challenge in time, but I definitely learned some useful lessons along the way.




The policy blocks any kind of attack on the `innerHTML` flaw,
including the Identifier trick we covered and a similar one that exploited returned strings and inconsistencies in parsing comments.

In the end, the correct solution involved a logic error that made it possible to bypass the AST validation.
A full writeup of the exploit is [available here](https://gist.github.com/egonny/4dbf5151f99059ae58cf9390c7cc3830)

15 changes: 0 additions & 15 deletions astro-website/src/pages/projects.mdx
Expand Up @@ -11,7 +11,6 @@ import Picture from '../components/Picture.astro'
import PictureThemed from '../components/PictureThemed.astro'

- [Custom vm emulator and debugger](#custom-vm-emulator-and-debugger)
- [This website](#this-website)
- [Morse code web radio](#morse-code-web-radio)
- [Infrastructure](#infrastructure)
- [Students management system](#students-management-system)
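Review bot: removing the "This website" entry from the table of contents is consistent with the section being deleted in the next hunk, but the `#this-website` anchor disappears with it; worth checking that no other page links to `projects#this-website` before merging.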
Expand Down Expand Up @@ -40,20 +39,6 @@ required to solve a challenge.
At the moment i'm still following the course, and practicing binary exploitation by playing CTFs.
All my experiences on this subject are documented [in these articles](/articles/#pwn)

### This website
This website is part of my ongoing effort to enhance my technical writing skills.<br/>
As Stephen King said, 'Writing is refined thinking.'
I believe that strong technical writing directly correlates with better engineering.

From a technical point of view, although the main focus is on the writing,
I like to customize my articles with interactive elements, taking some extra time to curate
the visual aestethics and the accessibility of the pages.
All the meta-articles about the development of the website are tracked unde the tag [this website](/articles/#this-website).
The base design is a fork of [Tania Rascia's blog](https://github.com/taniarascia/taniarascia.com),
relying heavily on the [new moon](https://github.com/taniarascia/new-moon) dark theme.
The source code is available on [github](https://github.com/robalb/my-website/)


### Morse code web radio

This is an old project I started in 2018, during my first years of high school.<br/>
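Review bot: the context line "At the moment i'm still following the course" has a lowercase "i'm" that should be "I'm"; it is untouched by this hunk, but it is the same kind of writing revision the commit is about, so it could be folded in here.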