From c390df3897d3a4cdf33ce6665f94d538516ddcbc Mon Sep 17 00:00:00 2001 From: dongdigua Date: Fri, 29 Jul 2022 16:13:34 +0800 Subject: [PATCH] update: binary exploit --- org/binary_exploit.org | 71 ++++++++++++++++++++++++++++++++++++ org/cheatsheet.org | 16 +++++--- org/internet_collections.org | 12 ++++-- 3 files changed, 89 insertions(+), 10 deletions(-) create mode 100644 org/binary_exploit.org diff --git a/org/binary_exploit.org b/org/binary_exploit.org new file mode 100644 index 0000000..b6e225b --- /dev/null +++ b/org/binary_exploit.org 
@@ -0,0 +1,71 @@ +#+TITLE: Binary Exploit Resources I Recently Trying to Learn +#+TAGS: relearn(r) +#+OPTIONS: toc:nil + + +* resources +** video +[[https://youtube.com/playlist?list=PLhixgUqwRTjxglIswKp9mpkfPNfHkzyeN][Binary Exploitation / Memory Corruption by LiveOverflow]] +** website +*** [[https://play.picoctf.org/practice][picoCTF]] +*** [[https://exploit.education/][exploit education]] + +* tools + +** code auditing +[[../images/fedora_security_lab.png]] +*** pscan +*** rats +*** splint +*** flawfinder + +** debug +*** gdb + +** reverse +*** [[https://book.rada.re/][radare2]] +**** iaito +*** hopper(non-free) + + +* notes on video +** [[https://youtu.be/6jSKldt7Eqs][0x04: asm basics]] +*** to show assembly in the source code window in gud, ~M-x gdb-display-disassembly-buffer~ +*** links +**** https://microcorruption.com/ +** [[https://youtu.be/3NTXFUxcKPc][0x06: tools]] +*** simple tools +**** hexdump +**** strings +all printable letters +**** objdump +disassembler +**** strace/ltrace +trace sys/lib call +*** [[https://youtu.be/mT1V7IL2FHY][0x0A: deal with numbers]] +**** endian? +from [[https://zh.wikipedia.org/zh-cn/%E5%AD%97%E8%8A%82%E5%BA%8F][Wikipedia]] +[[../images/Big-Endian.svg.png ]][[../images/Little-Endian.svg.png]] +x86 is little endian +**** tools +***** python +#+BEGIN_SRC python + >>> int('111', 2) + 7 + >>> hex(123) + '0x7b' + >>> import struct + # https://docs.python.org/3.10/library/struct.html#format-characters + >>> struct.pack(">> struct.pack(">I", 0x61626364) # big endian + b'abcd' +#+END_SRC +***** iex +#+BEGIN_SRC elixir + iex(1)> <<0x61626364::32>> + "abcd" + iex(2)> Base.decode16("61626364") + {:ok, "abcd"} +#+END_SRC + diff --git a/org/cheatsheet.org b/org/cheatsheet.org index f9c08b0..66dff36 100644 --- a/org/cheatsheet.org +++ b/org/cheatsheet.org 
@@ -52,12 +52,12 @@ * EMACS ** org-mode -| key | usage | -|-----------+-----------| -| C-c \vbar | 创建表格 | -| C-c C-e | 导出 HTML | -| | | -| | | +| key | usage | +|--------------+----------------------------| +| C-c \vbar | 创建表格 | +| C-c C-e | 导出 HTML | +| M-left/right | 升级(promote)/降级(demote) | +| C-c C-x C-v | toggle render images | ** normal | key | usage | @@ -69,6 +69,10 @@ | C-x C-; | 行切换注释 | | C-y | paste to minibuffer | +** dired +| key | usage | +| R | rename | + * Git (虽然不算editor, 但是先也放这吧) #+BEGIN_SRC shell git log --stat | perl -ne 'END { print $c } $c += $1 if /(\d+) insertions/;' diff --git a/org/internet_collections.org b/org/internet_collections.org index 5c548ca..ce5047d 100644 --- a/org/internet_collections.org +++ b/org/internet_collections.org @@ -78,6 +78,9 @@ old very high quality *** [[http://tomasp.net/commodore64][commodore64 BASIC]] *** [[http://tomasp.net/blog/csharp-async-gotchas.aspx][async in C#(gotchas) and F#]] +** [[http://www.xianwaizhiyin.net/][弦外之音]] :c:lowlevel: +** [[https://creamidea.github.io/][C-tone]] +pretty and concise page * YouTube 收集(没有账号, 这就是我的收藏夹) ** Code 
@@ -89,13 +92,13 @@ java bad, python slow, nvidia fuck you, vi-sual studio, C艹 sucks legacy *** [[https://youtu.be/qKA2NZ1-kx0][tsoding write cool shell in rust]] *** [[https://youtu.be/hmMtQe_mYr0][tsoding helloworld in c]] -*** [[https://www.youtube.com/watch?list=RDCMUChl_NKOs1qqh_x7yJfaDpDw][Tantan 合集]] +*** [[https://www.youtube.com/playlist?list=RDCMUChl_NKOs1qqh_x7yJfaDpDw][Tantan 合集]] Rust Graphics -*** [[https://www.youtube.com/watch?list=PLGNbPb3dQJ_446PjTYQ0mCn2OGoHSKraB][build a virtual machine 合集(6/29)]] -*** [[https://www.youtube.com/watch?list=PLSiFUSQSRYAOFwfP-aMzXJlWKVyIuWfPU][stack-based virtual machine(6 episode)]] +*** [[https://www.youtube.com/playlist?list=PLGNbPb3dQJ_446PjTYQ0mCn2OGoHSKraB][build a virtual machine 合集(6/29)]] +*** [[https://www.youtube.com/playlist?list=PLSiFUSQSRYAOFwfP-aMzXJlWKVyIuWfPU][stack-based virtual machine(6 episode)]] and [[https://youtu.be/cfPDeso3XwI][register-based(13 episode)]] *** [[https://youtu.be/_uAMo-bXI5g][register virtual machine in rust, with memory visualization]] -*** [[https://www.youtube.com/watch?list=PLpM-Dvs8t0VY73ytTCQqgvgCWttV3m8LM][tsoding virtual machine in C]] , [[https://dongdigua.github.io/tsoding_bm][some notes]] +*** [[https://www.youtube.com/playlist?list=PLpM-Dvs8t0VY73ytTCQqgvgCWttV3m8LM][tsoding virtual machine in C]] , [[https://dongdigua.github.io/tsoding_bm][some notes]] *** [[https://youtu.be/Fq9chEBQMFE][what if I try to malloc too much memory]] *** [[https://youtu.be/qF7dkrce-mQ][fireship bitcoin]] 大概是我见过最好的讲区块链的视频了, 除了...JS 啊啊啊 @@ -110,6 +113,7 @@ and [[https://youtu.be/cfPDeso3XwI][register-based(13 episode)]] 1:50 sexplib? 2:00 build own irc lib 2:14 "how many american server you have already hacked" - "I don't count them I'm sorry" +*** [[https://youtube.be/TLa2VqcGGEQ][CVE-2021-3156 sudo]] ** Minecraft *** [[https://youtu.be/VKydXD6Lr20][Mojang & Minecraft 开始衰落了吗?]]
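Review bot: in the new org/binary_exploit.org, the first `struct.pack(` line of the python source block is truncated: its format string and argument are missing and the text runs straight into the following `>>> struct.pack(">I", 0x61626364) # big endian` prompt, so the little-endian counterpart that the "big endian" comment implies never made it in; restore it with its output, e.g. `>>> struct.pack("<I", 0x61626364) # little endian` followed by `b'dcba'`. Two smaller points in the same file: `[[../images/Big-Endian.svg.png ]]` has a stray space before `]]` inside the link target, which org will treat as part of the path, and the `0x0A: deal with numbers` heading is nested at `***` under `0x06: tools` while `0x04` and `0x06` are `**` siblings. The title `Binary Exploit Resources I Recently Trying to Learn` also reads better as "I'm Recently Trying to Learn".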
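Review bot: the new `** dired` table in org/cheatsheet.org has no separator row after its header, unlike the `org-mode` and `normal` tables above it, so the header will not be distinguished from the data row on export; add a `|-----+--------|` line between `| key | usage |` and `| R | rename |`.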
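Review bot: changing `watch?list=` to `playlist?list=` is the right fix for the two `PL…` ids in this hunk, but the Tantan id `RDCMUChl_NKOs1qqh_x7yJfaDpDw` starts with `RD`, the prefix YouTube uses for auto-generated mixes rather than saved playlists, and a mix is not guaranteed to open as a `/playlist` page; worth confirming that URL actually resolves before committing it.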
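Review bot: the host in the new sudo link is `youtube.be`, which is not the YouTube short-link domain; every other short link in this file uses `youtu.be` (e.g. `https://youtu.be/Fq9chEBQMFE` a few lines earlier), so the added line should read `*** [[https://youtu.be/TLa2VqcGGEQ][CVE-2021-3156 sudo]]`.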