add 6.2.4

This commit is contained in:
firmianay 2017-12-04 16:13:39 +08:00
parent 571cc031eb
commit 75a7019f80
9 changed files with 20 additions and 60 deletions

View File

@ -83,6 +83,7 @@
- [6.2.1 re XHPCTF2017 dont_panic](doc/6.2.1_re_xhpctf2017_dont_panic.md) - [6.2.1 re XHPCTF2017 dont_panic](doc/6.2.1_re_xhpctf2017_dont_panic.md)
- [6.2.2 re ECTF2016 tayy](doc/6.2.2_re_ectf2016_tayy.md) - [6.2.2 re ECTF2016 tayy](doc/6.2.2_re_ectf2016_tayy.md)
- [6.2.3 re Codegate2017 angrybird](doc/6.2.3_re_codegate2017_angrybird.md) - [6.2.3 re Codegate2017 angrybird](doc/6.2.3_re_codegate2017_angrybird.md)
- [6.2.4 re CSAWCTF2015 wyvern](doc/6.2.4_re_csawctf2015_wyvern.md)
- [七、附录](doc/7_appendix.md) - [七、附录](doc/7_appendix.md)
- [7.1 更多 Linux 工具](doc/7.1_Linuxtools.md) - [7.1 更多 Linux 工具](doc/7.1_Linuxtools.md)

View File

@ -82,6 +82,7 @@ GitHub 地址https://github.com/firmianay/CTF-All-In-One
* [6.2.1 re XHPCTF2017 dont_panic](doc/6.2.1_re_xhpctf2017_dont_panic.md) * [6.2.1 re XHPCTF2017 dont_panic](doc/6.2.1_re_xhpctf2017_dont_panic.md)
* [6.2.2 re ECTF2016 tayy](doc/6.2.2_re_ectf2016_tayy.md) * [6.2.2 re ECTF2016 tayy](doc/6.2.2_re_ectf2016_tayy.md)
* [6.2.3 re Codegate2017 angrybird](doc/6.2.3_re_codegate2017_angrybird.md) * [6.2.3 re Codegate2017 angrybird](doc/6.2.3_re_codegate2017_angrybird.md)
* [6.2.4 re CSAWCTF2015 wyvern](doc/6.2.4_re_csawctf2015_wyvern.md)
* [七、附录](doc/7_appendix.md) * [七、附录](doc/7_appendix.md)
* [7.1 更多 Linux 工具](doc/7.1_Linuxtools.md) * [7.1 更多 Linux 工具](doc/7.1_Linuxtools.md)
* [7.2 更多 Windows 工具](doc/7.2_wintools.md) * [7.2 更多 Windows 工具](doc/7.2_wintools.md)

View File

@ -422,7 +422,6 @@ Count 152786
#### 练习 #### 练习
- [**RE** - picoCTF 2014 - Baleful](../src/Reverse/5.2_baleful) - [**RE** - picoCTF 2014 - Baleful](../src/Reverse/5.2_baleful)
- [**RE** - Hack You 2014 - reverse - 400](../src/Reverse/5.2_reverse_400) - [**RE** - Hack You 2014 - reverse - 400](../src/Reverse/5.2_reverse_400)
- [**RE** - CSAW CTF 2015 - wyvern - 500](../src/Reverse/5.2_wyvern_500)
- [**RE** - th3jackers CTF 2015 - rev100 - 100](../src/Reverse/5.2_th3jackers_100) - [**RE** - th3jackers CTF 2015 - rev100 - 100](../src/Reverse/5.2_th3jackers_100)

View File

@ -263,6 +263,7 @@ Nice!
## 参考资料 ## 参考资料
- [angr.io](http://angr.io/)
- [docs.angr.io](https://docs.angr.io/) - [docs.angr.io](https://docs.angr.io/)
- [angr API documentation](http://angr.io/api-doc/) - [angr API documentation](http://angr.io/api-doc/)
- [The Art of War:Offensive Techniques in Binary Analysis](https://www.cs.ucsb.edu/~vigna/publications/2016_SP_angrSoK.pdf) - [The Art of War:Offensive Techniques in Binary Analysis](https://www.cs.ucsb.edu/~vigna/publications/2016_SP_angrSoK.pdf)

View File

@ -355,8 +355,8 @@ typedef struct
Elf64_Sxword r_addend; /* Addend */ Elf64_Sxword r_addend; /* Addend */
} Elf64_Rela; } Elf64_Rela;
``` ```
32 位程序使用 REL而 64 位程序使用 RE 32 位程序使用 REL而 64 位程序使用 RELA。
LA。
下面的宏描述了 r_info 是怎样被解析和插入的: 下面的宏描述了 r_info 是怎样被解析和插入的:
```C ```C
/* How to extract and insert information held in the r_info field. */ /* How to extract and insert information held in the r_info field. */

View File

@ -0,0 +1,14 @@
# 6.2.4 re CSAWCTF2015 wyvern
- [题目解析](#题目解析)
- [参考资料](#参考资料)
## 题目解析
```
$ file wyvern
wyvern: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.24, BuildID[sha1]=45f9b5b50d013fe43405dc5c7fe651c91a7a7ee8, not stripped
```
## 参考资料

View File

@ -12,3 +12,4 @@
- [6.2.1 re XHPCTF2017 dont_panic](6.2.1_re_xhpctf2017_dont_panic.md) - [6.2.1 re XHPCTF2017 dont_panic](6.2.1_re_xhpctf2017_dont_panic.md)
- [6.2.2 re ECTF2016 tayy](6.2.2_re_ectf2016_tayy.md) - [6.2.2 re ECTF2016 tayy](6.2.2_re_ectf2016_tayy.md)
- [6.2.3 re Codegate2017 angrybird](6.2.3_re_codegate2017_angrybird.md) - [6.2.3 re Codegate2017 angrybird](6.2.3_re_codegate2017_angrybird.md)
- [6.2.4 re CSAWCTF2015 wyvern](6.2.4_re_csawctf2015_wyvern.md)

View File

@ -1,72 +1,15 @@
# 7.4 习题答案 # 7.4 习题答案
- [一、基础知识篇]()
- [1.3 Linux 基础]()
- [1.4 Web 安全基础]()
- [1.5 逆向工程基础]()
- [1.5.1 C 语言基础]()
- [1.5.2 x86/x64/ARM 汇编基础]()
- [1.5.3 Linux ELF]()
- [1.5.4 Windows PE]()
- [1.5.5 静态链接]()
- [1.5.6 动态链接]()
- [1.5.7 内存管理]()
- [1.5.8 glibc malloc]()
- [1.6 密码学基础]()
- [1.7 Android 安全基础]()
- [二、工具篇]()
- [2.1 VM]()
- [2.1 gdb/peda]()
- [2.2 ollydbg]()
- [2.3 windbg]()
- [2.4 radare2]()
- [2.5 IDA Pro]()
- [2.6 pwntools]()
- [2.8 zio]()
- [2.9 metasploit]()
- [2.10 binwalk]()
- [2.11 Burp Suite]()
- [三、分类专题篇]()
- [3.1 Reverse]()
- [3.2 Crypto]()
- [3.3 Pwn]()
- [3.3.1 格式化字符串漏洞](#331-格式化字符串漏洞)
- [3.3.2 整数溢出]()
- [3.3.3 栈溢出]()
- [3.3.4 堆溢出]()
- [3.4 Web]()
- [3.5 Misc]()
- [3.6 Mobile]()
- [四、技巧篇]()
- [4.1 AWD模式]()
- [4.2 Linux 命令行技巧]()
- [4.3 GCC 堆栈保护技术]()
- [4.4 使用 DynELF 泄露函数地址]()
- [五、高级篇]()
- [5.1 Fuzz 测试]()
- [5.2 Pin 动态二进制插桩](#52-Pin-动态二进制插桩)
- [5.3 angr 二进制自动化分析]()
- [5.4 反调试技术]()
- [5.5 符号执行]()
- [5.6 LLVM]()
- [六、附录]()
- [6.1 更多 Linux 工具](#61-更多-linux-工具)
- [6.2 更多 Windows 工具]()
## 3.3.1 格式化字符串漏洞 ## 3.3.1 格式化字符串漏洞
#### **pwn** - UIUCTF 2017 - goodluck - 200 #### **pwn** - UIUCTF 2017 - goodluck - 200
#### **Pwn** - NJCTF 2017 - pingme - 200
## 5.2 Pin 动态二进制插桩 ## 5.2 Pin 动态二进制插桩
#### **RE** - picoCTF 2014 - Baleful #### **RE** - picoCTF 2014 - Baleful
#### **RE** - Hack You 2014 - reverse - 400 #### **RE** - Hack You 2014 - reverse - 400
#### **RE** - CSAW CTF 2015 - wyvern - 500
#### **RE** - th3jackers CTF 2015 - rev100 - 100 #### **RE** - th3jackers CTF 2015 - rev100 - 100