mirror.dongdigua.github.io/org/binary_exploit.org
2022-11-18 13:35:17 +08:00


#+TITLE: Binary Exploit Resources I Am Currently Trying to Learn
#+TAGS: relearn(r)
#+OPTIONS: toc:nil
* resources
** video
[[https://youtube.com/playlist?list=PLhixgUqwRTjxglIswKp9mpkfPNfHkzyeN][Binary Exploitation / Memory Corruption by LiveOverflow]]
** website
*** [[https://play.picoctf.org/practice][picoCTF]]
*** [[https://exploit.education/][exploit education]]
* tools
** code auditing
[[../images/fedora_security_lab.png]]
*** pscan
*** rats
*** splint
*** flawfinder
** debug
*** gdb
** reverse
*** [[https://book.rada.re/][radare2]]
**** iaito
*** hopper (non-free)
* notes on video
** [[https://youtu.be/6jSKldt7Eqs][0x04: asm basics]]
*** to show assembly in the source-code window of Emacs GUD, use ~M-x gdb-display-disassembly-buffer~
*** links
**** https://microcorruption.com/
** [[https://youtu.be/3NTXFUxcKPc][0x06: tools]]
*** simple tools
**** hexdump
hex plus ASCII view of raw bytes (~hexdump -C~)
**** strings
prints runs of printable characters, 4 or more by default (~-n~ changes the minimum, ~-t x~ adds the offset)
**** objdump
disassembler (~objdump -d~; ~-M intel~ for Intel syntax)
**** strace/ltrace
trace the system calls / library calls a running program makes
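The two simplest of these tools are worth reimplementing once, because doing so shows exactly what they look for and why they miss things. The Python below is an added example, not code from the video or from this page: it approximates ~strings~ (runs of at least 4 printable ASCII bytes, reported with their offset like ~strings -t d~) and ~hexdump -C~ over a constructed byte blob that stands in for a small binary. Treating only 0x20-0x7e and tab as printable is an approximation of the GNU ~strings~ default, not its exact rule, and the blob is made up for illustration.

```python
# Constructed sample blob standing in for a small binary's bytes (not a real file).
SAMPLE = (
    b"\x7fELF\x02\x01\x01\x00\x00\x00"   # ELF magic: 'ELF' is only 3 printable bytes
    b"/bin/sh\x00"                       # a NUL-terminated C string
    b"\x90\x90\xcc"                      # NOP, NOP, int3
    b"flag{not_a_real_flag}\x00"
    b"hi\x00"                            # too short for the default minimum of 4
    b"\x01\x02\x03"
    b"\x00password123\x00"
)


def is_printable(b: int) -> bool:
    """ASCII 0x20-0x7e plus tab: an approximation of what `strings` accepts."""
    return 0x20 <= b <= 0x7e or b == 0x09


def find_strings(data: bytes, min_len: int = 4):
    """Approximate `strings -t d`: return (offset, text) for every run of at
    least min_len printable bytes. A run ends at any non-printable byte,
    which is why a short token such as 'ELF' or 'hi' never shows up by default."""
    found = []
    start = None
    for i, b in enumerate(data + b"\x00"):   # sentinel flushes a trailing run
        if is_printable(b):
            if start is None:
                start = i
        else:
            if start is not None and i - start >= min_len:
                found.append((start, data[start:i].decode("ascii")))
            start = None
    return found


def hexdump(data: bytes, width: int = 16) -> str:
    """Format data roughly like `hexdump -C`: offset, hex bytes, then an
    ASCII column in which non-printable bytes are shown as '.'."""
    lines = []
    for off in range(0, len(data), width):
        chunk = data[off:off + width]
        hexpart = " ".join(f"{b:02x}" for b in chunk)
        asc = "".join(chr(b) if 0x20 <= b <= 0x7e else "." for b in chunk)
        lines.append(f"{off:08x}  {hexpart:<{width * 3 - 1}}  |{asc}|")
    return "\n".join(lines)


if __name__ == "__main__":
    print(hexdump(SAMPLE))
    for off, s in find_strings(SAMPLE):
        print(f"{off:#x}: {s}")
    # lowering the minimum length (strings -n 2) exposes 'ELF' and 'hi' as well
    print([s for _, s in find_strings(SAMPLE, min_len=2)])
```

Run it as a script to see the dump and the string list side by side; the offsets it reports are the ones you would pass to ~objdump~ or ~gdb~ to look at the surrounding bytes.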
** [[https://youtu.be/mT1V7IL2FHY][0x0A: deal with numbers]]
*** endianness
from [[https://zh.wikipedia.org/zh-cn/%E5%AD%97%E8%8A%82%E5%BA%8F][Wikipedia]]
[[../images/Big-Endian.svg.png]][[../images/Little-Endian.svg.png]]
big endian stores the most significant byte at the lowest address, little endian stores the least significant byte first
x86 and x86-64 are little endian; network byte order is big endian
*** tools
**** python
#+BEGIN_SRC python
>>> int('111', 2)   # parse a binary string
7
>>> hex(123)
'0x7b'
>>> import struct
>>> # format characters: https://docs.python.org/3.10/library/struct.html#format-characters
>>> struct.pack("<I", 0x61626364) # little endian: lowest byte first
b'dcba'
>>> struct.pack(">I", 0x61626364) # big endian
b'abcd'
#+END_SRC
**** iex
#+BEGIN_SRC elixir
iex(1)> <<0x61626364::32>>   # binaries are big endian unless told otherwise
"abcd"
iex(2)> Base.decode16("61626364")
{:ok, "abcd"}
#+END_SRC
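The REPL one-liners above show the packing itself; the Python below is an added example, not code from the video or from this page, of how the same packing is used when an address has to go into an overflow payload or be read back out of a hexdump. ~p32~/~p64~/~u32~/~u64~ are hand-written stand-ins for the pwntools helpers of the same name, every address and the hexdump fragment are made up for illustration, and the two's-complement helpers show how one 32-bit pattern reads as signed or unsigned.

```python
import struct

BITS32 = 0xffffffff
BITS64 = 0xffffffffffffffff


def p32(n: int) -> bytes:
    """Pack an int as 4 bytes, little endian (least significant byte first).
    Negative values are masked, so -1 becomes ff ff ff ff (two's complement)."""
    return struct.pack("<I", n & BITS32)


def p64(n: int) -> bytes:
    """8-byte little-endian variant for x86-64 addresses."""
    return struct.pack("<Q", n & BITS64)


def u32(b: bytes) -> int:
    """Unpack the first 4 bytes as a little-endian unsigned int."""
    return struct.unpack("<I", b[:4])[0]


def u64(b: bytes) -> int:
    return struct.unpack("<Q", b[:8])[0]


def to_signed(n: int, bits: int) -> int:
    """Read a bits-wide pattern as two's complement (0xffffffff -> -1)."""
    n &= (1 << bits) - 1
    return n - (1 << bits) if n & (1 << (bits - 1)) else n


def to_unsigned(n: int, bits: int) -> int:
    """Inverse of to_signed: -1 -> 0xffffffff for 32 bits."""
    return n & ((1 << bits) - 1)


def bad_bytes(payload: bytes, bad: bytes = b"\x00\x0a") -> set:
    """Return the 'bad' byte values present in payload. A NUL inside an
    address stops strcpy()-style copies, a newline stops gets()/fgets()."""
    return {b for b in bad if b in payload}


def build_payload(pad_len: int, ret_addr: int) -> bytes:
    """Classic stack-overflow layout: padding up to the saved return
    address, then the target address in memory (little-endian) order."""
    return b"A" * pad_len + p32(ret_addr)


def addr_from_hexdump(hex_words: str) -> int:
    """Recover the integer from the bytes as they appear on a hexdump line:
    'bc 8a 04 08' on screen is the little-endian encoding of 0x08048abc."""
    return u32(bytes.fromhex(hex_words.replace(" ", "")))


if __name__ == "__main__":
    # Hypothetical addresses, chosen to illustrate, not taken from any real binary.
    print(p32(0x08048abc).hex(" "))            # bc 8a 04 08
    print(hex(addr_from_hexdump("bc 8a 04 08")))
    print(build_payload(8, 0x08048abc))
    print(bad_bytes(p32(0x00400000)))          # {0}: that address contains NUL bytes
    print(to_signed(0xffffffff, 32), to_unsigned(-1, 32))
```

The ~bad_bytes~ check is the one to run before sending anything built this way: an address that packs to bytes containing 0x00 or 0x0a will be truncated by the very copy or read you are trying to overflow.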