CTF-All-In-One/doc/6.4_writeup.md
firmianay bb403d3303 fix
2017-08-16 21:49:30 +08:00

102 lines
2.5 KiB
Markdown

# 6.4 习题答案
- [一、基础知识篇]()
- [1.3 Linux 基础]()
- [1.4 Web 安全基础]()
- [1.5 逆向工程基础]()
- [1.5.1 C 语言基础]()
- [1.5.2 x86/x64/ARM 汇编基础]()
- [1.5.3 Linux ELF]()
- [1.5.4 Windows PE]()
- [1.5.5 静态链接]()
- [1.5.6 动态链接]()
- [1.5.7 内存管理]()
- [1.5.8 glibc malloc]()
- [1.6 密码学基础]()
- [1.7 Android 安全基础]()
- [二、工具篇]()
- [2.1 VM]()
- [2.1 gdb/peda]()
- [2.2 ollydbg]()
- [2.3 windbg]()
- [2.4 radare2]()
- [2.5 IDA Pro]()
- [2.6 pwntools]()
- [2.8 zio]()
- [2.9 metasploit]()
- [2.10 binwalk]()
- [2.11 Burp Suite]()
- [三、分类专题篇]()
- [3.1 Reverse]()
- [3.2 Crypto]()
- [3.3 Pwn]()
- [3.4 Web]()
- [3.5 Misc]()
- [3.6 Mobile]()
- [四、技巧篇]()
- [4.1 AWD模式]()
- [4.2 Linux 命令行技巧]()
- [4.3 GCC 堆栈保护技术]()
- [五、高级篇]()
- [5.1 Fuzz 测试]()
- [5.2 Pin 动态二进制插桩](#52-Pin-动态二进制插桩)
- [5.3 angr 二进制自动化分析]()
- [5.4 反调试技术]()
- [六、附录]()
- [6.1 更多 Linux 工具](#61-更多-linux-工具)
- [6.2 更多 Windows 工具]()
## 5.2 Pin 动态二进制插桩
#### Baleful - picoCTF 2014
#### Reverse 400 - Hack You 2014
#### wyvern 500 - CSAW CTF 2015
#### rev100 - th3jackers CTF 2015
## 6.1 更多 Linux 工具
#### Strings - strings_crackme
```text
[firmy@Reverse]$ strings -e L strings_crackme
w0wgreat
```
#### Strings - flag_pwnablekr
```text
[firmy@Reverse]$ ./flag_pwnablekr
I will malloc() and strcpy the flag there. take it.
[firmy@Reverse]$ strings flag_pwnablekr | grep UPX
UPX!
$Info: This file is packed with the UPX executable packer http://upx.sf.net $
$Id: UPX 3.08 Copyright (C) 1996-2011 the UPX Team. All Rights Reserved. $
UPX!
UPX!
[firmy@Reverse]$ upx -d flag_pwnablekr
Ultimate Packer for eXecutables
Copyright (C) 1996 - 2017
UPX 3.94 Markus Oberhumer, Laszlo Molnar & John Reiser May 12th 2017
File size Ratio Format Name
-------------------- ------ ----------- -----------
883745 <- 335288 37.94% linux/amd64 flag_pwnablekr
Unpacked 1 file.
[firmy@Reverse]$ strings flag_pwnablekr | grep -i upx
UPX...? sounds like a delivery service :)
```
#### xxd - xxd_crackme
```text
[firmy@Reverse]$ xxd -g1 xxd_crackme
......
00001020: 00 00 00 00 67 30 30 64 4a 30 42 21 00 00 00 00 ....g00dJ0B!....
......
```
```text
[firmy@Reverse]$ strings -d xxd_crackme
......
g00dJ0B!
......
```