mirror of
https://github.com/nganhkhoa/CTF-All-In-One.git
synced 2024-12-24 19:21:15 +07:00
add 6.2.4
This commit is contained in:
parent
571cc031eb
commit
75a7019f80
@ -83,6 +83,7 @@
|
||||
- [6.2.1 re XHPCTF2017 dont_panic](doc/6.2.1_re_xhpctf2017_dont_panic.md)
|
||||
- [6.2.2 re ECTF2016 tayy](doc/6.2.2_re_ectf2016_tayy.md)
|
||||
- [6.2.3 re Codegate2017 angrybird](doc/6.2.3_re_codegate2017_angrybird.md)
|
||||
- [6.2.4 re CSAWCTF2015 wyvern](doc/6.2.4_re_csawctf2015_wyvern.md)
|
||||
|
||||
- [七、附录](doc/7_appendix.md)
|
||||
- [7.1 更多 Linux 工具](doc/7.1_Linuxtools.md)
|
||||
|
@ -82,6 +82,7 @@ GitHub 地址:https://github.com/firmianay/CTF-All-In-One
|
||||
* [6.2.1 re XHPCTF2017 dont_panic](doc/6.2.1_re_xhpctf2017_dont_panic.md)
|
||||
* [6.2.2 re ECTF2016 tayy](doc/6.2.2_re_ectf2016_tayy.md)
|
||||
* [6.2.3 re Codegate2017 angrybird](doc/6.2.3_re_codegate2017_angrybird.md)
|
||||
* [6.2.4 re CSAWCTF2015 wyvern](doc/6.2.4_re_csawctf2015_wyvern.md)
|
||||
* [七、附录](doc/7_appendix.md)
|
||||
* [7.1 更多 Linux 工具](doc/7.1_Linuxtools.md)
|
||||
* [7.2 更多 Windows 工具](doc/7.2_wintools.md)
|
||||
|
@ -422,7 +422,6 @@ Count 152786
|
||||
#### 练习
|
||||
- [**RE** - picoCTF 2014 - Baleful](../src/Reverse/5.2_baleful)
|
||||
- [**RE** - Hack You 2014 - reverse - 400](../src/Reverse/5.2_reverse_400)
|
||||
- [**RE** - CSAW CTF 2015 - wyvern - 500](../src/Reverse/5.2_wyvern_500)
|
||||
- [**RE** - th3jackers CTF 2015 - rev100 - 100](../src/Reverse/5.2_th3jackers_100)
|
||||
|
||||
|
||||
|
@ -263,6 +263,7 @@ Nice!
|
||||
|
||||
|
||||
## 参考资料
|
||||
- [angr.io](http://angr.io/)
|
||||
- [docs.angr.io](https://docs.angr.io/)
|
||||
- [angr API documentation](http://angr.io/api-doc/)
|
||||
- [The Art of War:Offensive Techniques in Binary Analysis](https://www.cs.ucsb.edu/~vigna/publications/2016_SP_angrSoK.pdf)
|
||||
|
@ -355,8 +355,8 @@ typedef struct
|
||||
Elf64_Sxword r_addend; /* Addend */
|
||||
} Elf64_Rela;
|
||||
```
|
||||
32 位程序使用 REL,而 64 位程序使用 RE
|
||||
LA。
|
||||
32 位程序使用 REL,而 64 位程序使用 RELA。
|
||||
|
||||
下面的宏描述了 r_info 是怎样被解析和插入的:
|
||||
```C
|
||||
/* How to extract and insert information held in the r_info field. */
|
||||
|
14
doc/6.2.4_re_csawctf2015_wyvern.md
Normal file
14
doc/6.2.4_re_csawctf2015_wyvern.md
Normal file
@ -0,0 +1,14 @@
|
||||
# 6.2.4 re CSAWCTF2015 wyvern
|
||||
|
||||
- [题目解析](#题目解析)
|
||||
- [参考资料](#参考资料)
|
||||
|
||||
|
||||
## 题目解析
|
||||
```
|
||||
$ file wyvern
|
||||
wyvern: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.24, BuildID[sha1]=45f9b5b50d013fe43405dc5c7fe651c91a7a7ee8, not stripped
|
||||
```
|
||||
|
||||
|
||||
## 参考资料
|
@ -12,3 +12,4 @@
|
||||
- [6.2.1 re XHPCTF2017 dont_panic](6.2.1_re_xhpctf2017_dont_panic.md)
|
||||
- [6.2.2 re ECTF2016 tayy](6.2.2_re_ectf2016_tayy.md)
|
||||
- [6.2.3 re Codegate2017 angrybird](6.2.3_re_codegate2017_angrybird.md)
|
||||
- [6.2.4 re CSAWCTF2015 wyvern](6.2.4_re_csawctf2015_wyvern.md)
|
||||
|
@ -1,72 +1,15 @@
|
||||
# 7.4 习题答案
|
||||
|
||||
- [一、基础知识篇]()
|
||||
- [1.3 Linux 基础]()
|
||||
- [1.4 Web 安全基础]()
|
||||
- [1.5 逆向工程基础]()
|
||||
- [1.5.1 C 语言基础]()
|
||||
- [1.5.2 x86/x64/ARM 汇编基础]()
|
||||
- [1.5.3 Linux ELF]()
|
||||
- [1.5.4 Windows PE]()
|
||||
- [1.5.5 静态链接]()
|
||||
- [1.5.6 动态链接]()
|
||||
- [1.5.7 内存管理]()
|
||||
- [1.5.8 glibc malloc]()
|
||||
- [1.6 密码学基础]()
|
||||
- [1.7 Android 安全基础]()
|
||||
- [二、工具篇]()
|
||||
- [2.1 VM]()
|
||||
- [2.1 gdb/peda]()
|
||||
- [2.2 ollydbg]()
|
||||
- [2.3 windbg]()
|
||||
- [2.4 radare2]()
|
||||
- [2.5 IDA Pro]()
|
||||
- [2.6 pwntools]()
|
||||
- [2.8 zio]()
|
||||
- [2.9 metasploit]()
|
||||
- [2.10 binwalk]()
|
||||
- [2.11 Burp Suite]()
|
||||
- [三、分类专题篇]()
|
||||
- [3.1 Reverse]()
|
||||
- [3.2 Crypto]()
|
||||
- [3.3 Pwn]()
|
||||
- [3.3.1 格式化字符串漏洞](#331-格式化字符串漏洞)
|
||||
- [3.3.2 整数溢出]()
|
||||
- [3.3.3 栈溢出]()
|
||||
- [3.3.4 堆溢出]()
|
||||
- [3.4 Web]()
|
||||
- [3.5 Misc]()
|
||||
- [3.6 Mobile]()
|
||||
- [四、技巧篇]()
|
||||
- [4.1 AWD模式]()
|
||||
- [4.2 Linux 命令行技巧]()
|
||||
- [4.3 GCC 堆栈保护技术]()
|
||||
- [4.4 使用 DynELF 泄露函数地址]()
|
||||
- [五、高级篇]()
|
||||
- [5.1 Fuzz 测试]()
|
||||
- [5.2 Pin 动态二进制插桩](#52-Pin-动态二进制插桩)
|
||||
- [5.3 angr 二进制自动化分析]()
|
||||
- [5.4 反调试技术]()
|
||||
- [5.5 符号执行]()
|
||||
- [5.6 LLVM]()
|
||||
- [六、附录]()
|
||||
- [6.1 更多 Linux 工具](#61-更多-linux-工具)
|
||||
- [6.2 更多 Windows 工具]()
|
||||
|
||||
|
||||
## 3.3.1 格式化字符串漏洞
|
||||
#### **pwn** - UIUCTF 2017 - goodluck - 200
|
||||
|
||||
#### **Pwn** - NJCTF 2017 - pingme - 200
|
||||
|
||||
|
||||
## 5.2 Pin 动态二进制插桩
|
||||
#### **RE** - picoCTF 2014 - Baleful
|
||||
|
||||
#### **RE** - Hack You 2014 - reverse - 400
|
||||
|
||||
#### **RE** - CSAW CTF 2015 - wyvern - 500
|
||||
|
||||
#### **RE** - th3jackers CTF 2015 - rev100 - 100
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user