mirror.dongdigua.github.io/org/binary_exploit.org

#+TITLE: Binary Exploit Resources I Recently Trying to Learn
#+DATE: <2022-06-29 三>
#+TAGS: relearn(r)
#+OPTIONS: toc:nil


* resources
** video
[[https://youtube.com/playlist?list=PLhixgUqwRTjxglIswKp9mpkfPNfHkzyeN][Binary Exploitation / Memory Corruption by LiveOverflow]]
** website
*** [[https://play.picoctf.org/practice][picoCTF]]
*** [[https://exploit.education/][exploit education]]

* tools

** code auditing
[[./../images/fedora_security_lab.png]]
*** pscan
*** rats
*** splint
*** flawfinder

** debug
*** gdb

** reverse
*** [[https://book.rada.re/][radare2]]
**** iaito
*** hopper(non-free)


* notes on video
** [[https://youtu.be/6jSKldt7Eqs][0x04: asm basics]]
*** to show assembly in the source code window in gud, ~M-x gdb-display-disassembly-buffer~
*** links
**** https://microcorruption.com/
** [[https://youtu.be/3NTXFUxcKPc][0x06: tools]]
*** simple tools
**** hexdump
**** strings
all printable letters
**** objdump
disassembler
**** strace/ltrace
trace sys/lib call
*** [[https://youtu.be/mT1V7IL2FHY][0x0A: deal with numbers]]
**** endian?
from [[https://zh.wikipedia.org/zh-cn/%E5%AD%97%E8%8A%82%E5%BA%8F][Wikipedia]]
[[../images/Big-Endian.svg.png ]][[../images/Little-Endian.svg.png]]
x86 is little endian
**** tools
***** python
#+BEGIN_SRC python
  >>> int('111', 2)
  7
  >>> hex(123)
  '0x7b'
  >>> import struct
  # https://docs.python.org/3.10/library/struct.html#format-characters
  >>> struct.pack("<I", 0x61626364) # little endian
  b'dcba'
  >>> struct.pack(">I", 0x61626364) # big endian
  b'abcd'
#+END_SRC
***** iex
#+BEGIN_SRC elixir
  iex(1)> <<0x61626364::32>>
  "abcd"
  iex(2)> Base.decode16("61626364")
  {:ok, "abcd"}
#+END_SRC
update: binary exploit 2022-07-29 16:13:34 +08:00			`#+TITLE: Binary Exploit Resources I Recently Trying to Learn`
add date to org file, pgp key 2022-09-15 17:18:00 +08:00			`#+DATE: <2022-06-29 三>`
update: binary exploit 2022-07-29 16:13:34 +08:00			`#+TAGS: relearn(r)`
			`#+OPTIONS: toc:nil`


			`* resources`
			`** video`
			`[[https://youtube.com/playlist?list=PLhixgUqwRTjxglIswKp9mpkfPNfHkzyeN][Binary Exploitation / Memory Corruption by LiveOverflow]]`
			`** website`
			`*** [[https://play.picoctf.org/practice][picoCTF]]`
			`*** [[https://exploit.education/][exploit education]]`

			`* tools`

			`** code auditing`
collections: tidy up, clean unused, add vimacs xahlee 2022-09-20 16:35:49 +08:00			`[[./../images/fedora_security_lab.png]]`
update: binary exploit 2022-07-29 16:13:34 +08:00			`*** pscan`
			`*** rats`
			`*** splint`
			`*** flawfinder`

			`** debug`
			`*** gdb`

			`** reverse`
			`*** [[https://book.rada.re/][radare2]]`
			`**** iaito`
			`*** hopper(non-free)`


			`* notes on video`
			`** [[https://youtu.be/6jSKldt7Eqs][0x04: asm basics]]`
			`*** to show assembly in the source code window in gud, ~M-x gdb-display-disassembly-buffer~`
			`*** links`
			`**** https://microcorruption.com/`
			`** [[https://youtu.be/3NTXFUxcKPc][0x06: tools]]`
			`*** simple tools`
			`**** hexdump`
			`**** strings`
			`all printable letters`
			`**** objdump`
			`disassembler`
			`**** strace/ltrace`
			`trace sys/lib call`
			`*** [[https://youtu.be/mT1V7IL2FHY][0x0A: deal with numbers]]`
			`**** endian?`
			`from [[https://zh.wikipedia.org/zh-cn/%E5%AD%97%E8%8A%82%E5%BA%8F][Wikipedia]]`
			`[[../images/Big-Endian.svg.png ]][[../images/Little-Endian.svg.png]]`
			`x86 is little endian`
			`**** tools`
			`***** python`
			`#+BEGIN_SRC python`
			`>>> int('111', 2)`
			`7`
			`>>> hex(123)`
			`'0x7b'`
			`>>> import struct`
			`# https://docs.python.org/3.10/library/struct.html#format-characters`
			`>>> struct.pack("<I", 0x61626364) # little endian`
			`b'dcba'`
			`>>> struct.pack(">I", 0x61626364) # big endian`
			`b'abcd'`
			`#+END_SRC`
			`***** iex`
			`#+BEGIN_SRC elixir`
			`iex(1)> <<0x61626364::32>>`
			`"abcd"`
			`iex(2)> Base.decode16("61626364")`
			`{:ok, "abcd"}`
			`#+END_SRC`