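Over the past two days, for an experiment, I needed to write a program on Linux (the invoker) that repeatedly calls another program (the application) and waits for it. An interesting problem came up, and after two days of debugging I finally solved it. I am recording it here.
Author archive: Jack
Pwn Study Notes (27): SmallBin – playthenew
Lab environment: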
x86_64, Ubuntu 18.04.6 LTS, Kernel 4.15.0-170-generic
GLIBC 2.27-3ubuntu1.5
Lab binary and solution: https://github.com/bjrjk/pwn-learning/tree/main/OtherBin/playthenew
ELF security properties:
Arch: amd64-64-little
RELRO: Full RELRO
Stack: Canary found
NX: NX enabled
PIE: PIE enabled
Pwn Study Notes (26): TCache – tcache231
Lab environment:
x86_64, Ubuntu 20.04.4 LTS, Kernel 5.13.0-37-generic
GLIBC 2.31-0ubuntu9.8
Lab binary and solution: https://github.com/bjrjk/pwn-learning/tree/main/TCache/tcache231
ELF security properties:
Arch: amd64-64-little
RELRO: Partial RELRO
Stack: Canary found
NX: NX enabled
PIE: No PIE (0x400000)
Pwn Study Notes (25): _IO_FILE – io_leak
Lab platform:
x86_64, Ubuntu 18.04.6 LTS, Kernel 4.15.0-170-generic
GLIBC 2.27-3ubuntu1.5
Lab binary and solution: https://github.com/bjrjk/pwn-learning/tree/main/IO_FILE/io_leak
ELF security properties:
Arch: amd64-64-little
RELRO: Full RELRO
Stack: Canary found
NX: NX enabled
PIE: PIE enabled
amd64 architecture, all protections enabled.
Pwn Study Notes (24): Heap – TCache – tcache
Lab platform:
x86_64, Ubuntu 18.04.6 LTS, Kernel 4.15.0-170-generic
GLIBC 2.27-3ubuntu1.5
Lab binary and solution: https://github.com/bjrjk/pwn-learning/tree/main/TCache/tcache
Pwn Study Notes (23): Heap – House of Orange – bookwriter
Lab platform:
x86_64, Ubuntu 16.04.7 LTS, Kernel 4.15.0-142-generic
GLIBC 2.23-0ubuntu11.3
Lab binary and solution: https://github.com/bjrjk/pwn-learning/tree/main/OtherBin/bookwriter
Pwn Study Notes (22): Heap-OtherBin/unsorted_bin
Lab platform:
x86_64, Ubuntu 16.04.7 LTS, Kernel 4.15.0-142-generic
GLIBC 2.23-0ubuntu11.3
Lab binary and solution: https://github.com/bjrjk/pwn-learning/tree/main/OtherBin/unsorted_bin
Pwn Study Notes (21): Heap-OtherBin/offbyone
Lab platform:
x86_64, Ubuntu 16.04.7 LTS, Kernel 4.15.0-142-generic
GLIBC 2.23-0ubuntu11.3
Lab binary and solution: https://github.com/bjrjk/pwn-learning/tree/main/OtherBin/offbyone
Pwn Study Notes (20): Heap-Unlink/offbyone_unlink
Lab platform:
x86_64, Ubuntu 16.04.7 LTS, Kernel 4.15.0-142-generic
GLIBC 2.23-0ubuntu11.3
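Lab binary and solution: https://github.com/bjrjk/pwn-learning/tree/main/Unlink/offbyone_unlink
Pwn Study Notes (19): Heap-FastBin/fastbin
Starting with this challenge, we formally enter the world of the heap~
Because the libc in the latest system releases was upgraded to include the tcache mechanism, we can only use an older system release to complete the following series of introductory heap challenges. The system I use is Ubuntu 16.04.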