Search

Page 3 of 5. Showing 43 results (0.044 seconds)

1. Unsafe unlink[Korean]

   " data-ad-slot="3793401480"></ins> <script> (adsbygoogle = window.adsbygoogle || []).push({}); </script> </div> heap-exploitation unsafe_unlink
   TechNote • Jan 03, 2021

2. Poison null byte[Korean]

   > (adsbygoogle = window.adsbygoogle || []).push({}); </script> </div> heap-exploitation poison_null_byte
   TechNote • Jan 03, 2021

3. first-fit(Use-After-Free)[Korean]

   = window.adsbygoogle || []).push({}); </script> </div> heap-exploitation uaf
   TechNote • Jan 03, 2021

4. Overlapping chunks[Korean]

   || []).push({}); </script> </div> heap-exploitation overlapping_chunks
   TechNote • Jan 03, 2021

5. fastbin_dup_into_stack[Korean]

   ="3793401480"></ins> <script> (adsbygoogle = window.adsbygoogle || []).push({}); </script> </div> heap-exploitation double_free-kr
   TechNote • Jan 03, 2021

6. fastbin_dup[Korean]

   " data-ad-slot="3793401480"></ins> <script> (adsbygoogle = window.adsbygoogle || []).push({}); </script> </div> heap-exploitation double_free-kr
   TechNote • Jan 03, 2021

7. 02.Heap Exploitation

   List Heap Exploit Exploit table Exploits Access area Overwrite area Free Fake chunk Stack Heap Top chunk F - size F - bk A - prev_size A - size Double Free Free(Stack area) Stack area Heap area First fit O Fastbin dup O O
   TechNote • Oct 13, 2019

8. 12.Heap Feng Shui

   조정함으로써 Exploit에 영향을 줄 수 있는 Heap 레이아웃의 형태를 Heap Feng Shui라고 합니다. 1533191076315.jpg Structure of Exploit code  Heap Feng Shui Heap Overflow Overwrite … " src="//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit"></script> List Heap Feng Shui Heap Feng Shui란 Heap영역 할당된 chunk의 레이아웃을 조작하여
   TechNote • Apr 19, 2019

9. 11.Heap Spray

   확인하기 위해 다음과 같이 프로세스를 백그라운드로 실행합니다. lazenca0x0@ubuntu:~/Exploit/HeapSpray$ ./poc & [1] 30346 lazenca0x0@ubuntu:~/Exploit/HeapSpray$ Heap spray! Input size: [1]+ Stopped ./poc lazenca0x0@ubuntu:~/Exploit/HeapSpray$ ./poc & [2] 30347 lazenca0x0@ubuntu:~/Exploit/HeapSpray$ Heap spray! Input size: [2
   TechNote • Apr 18, 2019

10. 10.One-gadgets(feat. PLT/GOT overwrite)

    찾습니다. lazenca0x0@ubuntu:~/Exploit/OneGadgets$ strings -tx /lib/x86_64-linux-gnu/libc-2.23.so |grep /bin/sh 18cd57 /bin/sh lazenca0x0@ubuntu:~/Exploit … . 45278 영역에서 두번째 인가 값으로 RSI 레지스터에 [rsp+0x30]영역의 값을 저장합니다. 즉, 해당 One gadget을 사용하기 위해서는 [rsp+0x30]영역의 값 Null(0)이어야만 합니다. lazenca0x0@ubuntu:~/Exploit
    TechNote • Apr 17, 2019