This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <jni.h> | |
#include <string> | |
#include <stdio.h> | |
#include <arpa/inet.h> | |
#include <stdlib.h> | |
#include <android/log.h> | |
#include <unistd.h> | |
#include <sys/socket.h> | |
#include <netinet/in.h> | |
#include <sys/prctl.h> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
A path traversal vulnerability delivered using a deeplink can force the com.imo.android.imoim Android Application | |
up to version 2022.11.1051 to write files into its data directory. This may allow an attacker to write a library | |
file under a special directory that the app uses to dynamically load modules. Loading the library can finally lead | |
to arbitrary code execution with the application's privileges. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
.global main | |
main: | |
stp x29, x30, [sp, #-16]! | |
cmp w1, wzr | |
beq foo | |
... | |
... | |
b bar | |
... |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@Single register load / store | |
ldr x1, <address> @store 64 bits from <address> to X1 | |
str w1, <address> @store 32 bits from w1 to <address> | |
ldrb x1, [x2] @store the least significant byte from *x2 to x1 | |
strh x1, [x2], #3 @store a half word (2 bytes) from x1 to *x2 and set x2 = x2 + 3 | |
strsh w0, [w3] @store a half word (2 bytes) from w0 to *w3 and sign extend it | |
@Pair of registers load / store |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdio.h> | |
#include <stdlib.h> | |
#include <string.h> | |
#include <stdint.h> | |
#include <assert.h> | |
void jackpot(){ fprintf(stderr, "Nice jump d00d\n"); exit(0); } | |
int main(int argc, char * argv[]){ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
... | |
void jackpot(){ fprintf(stderr, "Nice jump d00d\n"); exit(0); } | |
int main(int argc, char * argv[]){ | |
intptr_t* stack_buffer_1[4] = {0}; | |
intptr_t* stack_buffer_2[3] = {0}; | |
intptr_t *victim = malloc(0x100); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdio.h> | |
#include <stdlib.h> | |
int main() | |
{ | |
malloc(1); | |
unsigned long long *a; | |
unsigned long long fake_chunk[4] __attribute__ ((aligned (16))); | |
fake_chunks[1] = 0x40; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdio.h> | |
#include <stdlib.h> | |
#include <string.h> | |
#include <stdint.h> | |
typedef void (*dn)(); | |
uint64_t *chunk0_ptr; | |
void doNothing() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdlib.h> | |
#include <string.h> | |
int main( int argc, char * argv[] ) | |
{ | |
char * first, * second; | |
first = malloc(0x420); | |
second = malloc(0x420); | |
if(argc!=1) | |
strcpy( first, argv[1] ); | |
printf("Hi %s\n",first); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdio.h> | |
#include <stdlib.h> | |
#include <assert.h> | |
void main() { | |
printf("Fill up the tcache list to force the fastbin usage...\n"); | |
void *ptr[7]; |
NewerOlder