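For readers' convenience (actually, sometimes I can't find my own articles →_→), the articles have been sorted into categories. A clear and intuitive classification is available under the "Article Categories" section, and articles written in the future will also be added to it. Welcome~ ...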

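This blog will officially switch to the new domain burningcodes.net on July 15, 2015. The old domain itdreamerchen.com will only redirect to the home page (until August 12, 2015), and external links based on the old domain will stop working. Welcome~ ...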

This article discusses Android 4.2 kernel debugging. I won't tell you how to set up the environment; if you want to know how, please review this article: Android Linux Kernel Compiling and Debugging. That article still contains some errors, however. For example, the command to open an emulator that can be debugged is as below: ...

1. Overview In 0ctf2016 there were many hard challenges, and 'state of art' is one of them. This article will not only talk about that challenge but also introduce some details of Android ART. If you find something wrong, please don't hesitate to tell me, thanks! 2. Android ART I won't introduce all of Android ART in ...

While learning English these days, I wanted to find some useful apps to make me more effective, and so I found this app: "voa每日英语" (by 2015.12.08). This app seemed good until I saw the comments: Then I installed this app to see how it would act: Every time I open this app, it automatically downloads ads! So I crack...

After being an intern at Keen Team for about half a month, I am seriously aware of the importance of English. So I have decided that from now on I'll use English instead of Chinese to update my blog. I'll try my best to keep my blog updated, although I may not have as much time as one year before. I am happy to share my study experience ...

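I had fairly good luck in this year's competition and finished in the top 20 (fourth on the student potential list), taking home 2500 yuan ^-^ Alibaba's challenges this time were much harder than last year's; by the third challenge there were all kinds of obfuscated .so files. I can only blame myself for not having studied the source code deeply enough, and I have to keep working at it~ Challenge 1: I used NetBeans to trace the smali dynamically, setting breakpoints at every comparison. Debugging showed that at line 45540, v4 is fixed at 520676 and is compared with the computed input value (v10): when the input is 1, v10 is 124751; when the input is 2, v10 is 124752; when the input is 3, v10 is 124753...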

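A while ago I took part in NSCTF (a CTF held by NSFOCUS). The challenges were not very hard overall, but two of the high-scoring exp challenges were quite interesting, so here I record the writeup for exp1500 that I wrote at the time. The challenge requires overflowing a program in a Windows 7 64-bit or later environment (with DEP and ASLR enabled) so that the calculator pops up. The vulnerable program is here: http://pan.baidu.com/s/1c07EimG (extraction code 9y8t). After unpacking it and analyzing it in IDA, I found that the program has a buffer overflow vulnerability, in ENCRYP...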

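This article starts from compiling the Android source code and builds a custom Android ROM step by step. The device used is a Nexus 5, the Android source version is 4.4.4_r2, and the build environment is 64-bit kali2.0. 1. Compiling the Android source Downloading the Android source is not covered here; see Google's official documentation for details. 1.1 Preparing the build environment Building the Android source requires the sun/oracle JDK (kali2.0 ships with openJDK), make version 3.8, and the following dependency libraries: ...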

echo1 is an overflow challenge on 64-bit Linux. The main function as decompiled by IDA: int __cdecl main(int argc, const char **argv, const char **envp) { int *v3; // rsi@1 void *v4; // rax@1 int v6; // [sp+Ch] [bp-24h]@1 _QWORD v7[4]; // [sp+10h] [bp-20h]@1 setvbuf(stdout, 0LL, 2, 0LL); setvbuf(stdin, 0LL, 1, 0LL); o = mallo...

This article continues the previous one, pwnable writeup: Toddler’s Bottle (1): 9. mistake #include <stdio.h> #include <fcntl.h> #define PW_LEN 10 #define XORKEY 1 void xor(char* s, int len){ int i; for(i=0; i<len; i++){ s[i] ^= XORKEY; } } int main(int argc, char* argv[]){ int fd; if(...

I have been practicing pwn recently. The site pwnable.kr has many very interesting pwn challenges, and here are some of my writeups: 1. fd The source code is as follows: #include <stdio.h> #include <stdlib.h> #include <string.h> char buf[32]; int main(int argc, char* argv[], char* envp[]){ if(argc<2){ printf("pass argv[1] a number\n"); return 0; } int fd = at...
