mirror of
https://github.com/dongdigua/dongdigua.github.io
synced 2024-11-28 05:50:54 +08:00
update: binary exploit
This commit is contained in:
parent
8cace2149a
commit
8ad4fbe1a6
71
org/binary_exploit.org
Normal file
71
org/binary_exploit.org
Normal file
@ -0,0 +1,71 @@
|
||||
#+TITLE: Binary Exploit Resources I Recently Trying to Learn
|
||||
#+TAGS: relearn(r)
|
||||
#+OPTIONS: toc:nil
|
||||
|
||||
|
||||
* resources
|
||||
** video
|
||||
[[https://youtube.com/playlist?list=PLhixgUqwRTjxglIswKp9mpkfPNfHkzyeN][Binary Exploitation / Memory Corruption by LiveOverflow]]
|
||||
** website
|
||||
*** [[https://play.picoctf.org/practice][picoCTF]]
|
||||
*** [[https://exploit.education/][exploit education]]
|
||||
|
||||
* tools
|
||||
|
||||
** code auditing
|
||||
[[../images/fedora_security_lab.png]]
|
||||
*** pscan
|
||||
*** rats
|
||||
*** splint
|
||||
*** flawfinder
|
||||
|
||||
** debug
|
||||
*** gdb
|
||||
|
||||
** reverse
|
||||
*** [[https://book.rada.re/][radare2]]
|
||||
**** iaito
|
||||
*** hopper(non-free)
|
||||
|
||||
|
||||
* notes on video
|
||||
** [[https://youtu.be/6jSKldt7Eqs][0x04: asm basics]]
|
||||
*** to show assembly in the source code window in gud, ~M-x gdb-display-disassembly-buffer~
|
||||
*** links
|
||||
**** https://microcorruption.com/
|
||||
** [[https://youtu.be/3NTXFUxcKPc][0x06: tools]]
|
||||
*** simple tools
|
||||
**** hexdump
|
||||
**** strings
|
||||
all printable letters
|
||||
**** objdump
|
||||
disassembler
|
||||
**** strace/ltrace
|
||||
trace sys/lib call
|
||||
*** [[https://youtu.be/mT1V7IL2FHY][0x0A: deal with numbers]]
|
||||
**** endian?
|
||||
from [[https://zh.wikipedia.org/zh-cn/%E5%AD%97%E8%8A%82%E5%BA%8F][Wikipedia]]
|
||||
[[../images/Big-Endian.svg.png ]][[../images/Little-Endian.svg.png]]
|
||||
x86 is little endian
|
||||
**** tools
|
||||
***** python
|
||||
#+BEGIN_SRC python
|
||||
>>> int('111', 2)
|
||||
7
|
||||
>>> hex(123)
|
||||
'0x7b'
|
||||
>>> import struct
|
||||
# https://docs.python.org/3.10/library/struct.html#format-characters
|
||||
>>> struct.pack("<I", 0x61626364) # little endian
|
||||
b'dcba'
|
||||
>>> struct.pack(">I", 0x61626364) # big endian
|
||||
b'abcd'
|
||||
#+END_SRC
|
||||
***** iex
|
||||
#+BEGIN_SRC elixir
|
||||
iex(1)> <<0x61626364::32>>
|
||||
"abcd"
|
||||
iex(2)> Base.decode16("61626364")
|
||||
{:ok, "abcd"}
|
||||
#+END_SRC
|
||||
|
@ -52,12 +52,12 @@
|
||||
|
||||
* EMACS
|
||||
** org-mode
|
||||
| key | usage |
|
||||
|-----------+-----------|
|
||||
| C-c \vbar | 创建表格 |
|
||||
| C-c C-e | 导出 HTML |
|
||||
| | |
|
||||
| | |
|
||||
| key | usage |
|
||||
|--------------+----------------------------|
|
||||
| C-c \vbar | 创建表格 |
|
||||
| C-c C-e | 导出 HTML |
|
||||
| M-left/right | 升级(promote)/降级(demote) |
|
||||
| C-c C-x C-v | toggle render images |
|
||||
|
||||
** normal
|
||||
| key | usage |
|
||||
@ -69,6 +69,10 @@
|
||||
| C-x C-; | 行切换注释 |
|
||||
| C-y | paste to minibuffer |
|
||||
|
||||
** dired
|
||||
| key | usage |
|
||||
| R | rename |
|
||||
|
||||
* Git (虽然不算editor, 但是先也放这吧)
|
||||
#+BEGIN_SRC shell
|
||||
git log --stat | perl -ne 'END { print $c } $c += $1 if /(\d+) insertions/;'
|
||||
|
@ -78,6 +78,9 @@ old
|
||||
very high quality
|
||||
*** [[http://tomasp.net/commodore64][commodore64 BASIC]]
|
||||
*** [[http://tomasp.net/blog/csharp-async-gotchas.aspx][async in C#(gotchas) and F#]]
|
||||
** [[http://www.xianwaizhiyin.net/][弦外之音]] :c:lowlevel:
|
||||
** [[https://creamidea.github.io/][C-tone]]
|
||||
pretty and concise page
|
||||
|
||||
* YouTube 收集(没有账号, 这就是我的收藏夹)
|
||||
** Code
|
||||
@ -89,13 +92,13 @@ java bad, python slow, nvidia fuck you, vi-sual studio, C艹 sucks
|
||||
legacy
|
||||
*** [[https://youtu.be/qKA2NZ1-kx0][tsoding write cool shell in rust]]
|
||||
*** [[https://youtu.be/hmMtQe_mYr0][tsoding helloworld in c]]
|
||||
*** [[https://www.youtube.com/watch?list=RDCMUChl_NKOs1qqh_x7yJfaDpDw][Tantan 合集]]
|
||||
*** [[https://www.youtube.com/playlist?list=RDCMUChl_NKOs1qqh_x7yJfaDpDw][Tantan 合集]]
|
||||
Rust Graphics
|
||||
*** [[https://www.youtube.com/watch?list=PLGNbPb3dQJ_446PjTYQ0mCn2OGoHSKraB][build a virtual machine 合集(6/29)]]
|
||||
*** [[https://www.youtube.com/watch?list=PLSiFUSQSRYAOFwfP-aMzXJlWKVyIuWfPU][stack-based virtual machine(6 episode)]]
|
||||
*** [[https://www.youtube.com/playlist?list=PLGNbPb3dQJ_446PjTYQ0mCn2OGoHSKraB][build a virtual machine 合集(6/29)]]
|
||||
*** [[https://www.youtube.com/playlist?list=PLSiFUSQSRYAOFwfP-aMzXJlWKVyIuWfPU][stack-based virtual machine(6 episode)]]
|
||||
and [[https://youtu.be/cfPDeso3XwI][register-based(13 episode)]]
|
||||
*** [[https://youtu.be/_uAMo-bXI5g][register virtual machine in rust, with memory visualization]]
|
||||
*** [[https://www.youtube.com/watch?list=PLpM-Dvs8t0VY73ytTCQqgvgCWttV3m8LM][tsoding virtual machine in C]] , [[https://dongdigua.github.io/tsoding_bm][some notes]]
|
||||
*** [[https://www.youtube.com/playlist?list=PLpM-Dvs8t0VY73ytTCQqgvgCWttV3m8LM][tsoding virtual machine in C]] , [[https://dongdigua.github.io/tsoding_bm][some notes]]
|
||||
*** [[https://youtu.be/Fq9chEBQMFE][what if I try to malloc too much memory]]
|
||||
*** [[https://youtu.be/qF7dkrce-mQ][fireship bitcoin]]
|
||||
大概是我见过最好的讲区块链的视频了, 除了...JS 啊啊啊
|
||||
@ -110,6 +113,7 @@ and [[https://youtu.be/cfPDeso3XwI][register-based(13 episode)]]
|
||||
1:50 sexplib?
|
||||
2:00 build own irc lib
|
||||
2:14 "how many american server you have already hacked" - "I don't count them I'm sorry"
|
||||
*** [[https://youtube.be/TLa2VqcGGEQ][CVE-2021-3156 sudo]]
|
||||
|
||||
** Minecraft
|
||||
*** [[https://youtu.be/VKydXD6Lr20][Mojang & Minecraft 开始衰落了吗?]]
|
||||
|
Loading…
Reference in New Issue
Block a user