(draft; work in progress)
See also:
- Compilers
- Program analysis:
- Dynamic analysis - instrumentation, translation, sanitizers
d4em0n
/ analysis.draft.md
Created
July 23, 2021 03:41
— forked from MattPD/analysis.draft.md
Program Analysis Resources (WIP draft)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # -*- coding: utf-8 -*- | |
| from base64 import * | |
| Rcon = ( | |
| 0x8d, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a, | |
| 0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91, 0x39, | |
| 0x72, 0xe4, 0xd3, 0xbd, 0x61, 0xc2, 0x9f, 0x25, 0x4a, 0x94, 0x33, 0x66, 0xcc, 0x83, 0x1d, 0x3a, | |
| 0x74, 0xe8, 0xcb, 0x8d, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, | |
| 0xab, 0x4d, 0x9a, 0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, | |
| 0xc5, 0x91, 0x39, 0x72, 0xe4, 0xd3, 0xbd, 0x61, 0xc2, 0x9f, 0x25, 0x4a, 0x94, 0x33, 0x66, 0xcc, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #define _GNU_SOURCE | |
| #include <sys/ioctl.h> | |
| #include <stdio.h> | |
| #include <string.h> | |
| #include <stdlib.h> | |
| #include <sys/mman.h> | |
| #include <sys/resource.h> | |
| #include <fcntl.h> | |
| #include <err.h> | |
| #include <sys/wait.h> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #define _GNU_SOURCE | |
| #include <err.h> | |
| #include <stdint.h> | |
| #include <linux/bpf.h> | |
| #include <linux/filter.h> | |
| #include <stdio.h> | |
| #include <unistd.h> | |
| #include <sys/syscall.h> | |
| #include <asm/unistd_64.h> | |
| #include <sys/types.h> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Running with: ./exploit $(cat /proc/kallsyms | grep uiuctf | awk '{print $1}') | |
| #define _GNU_SOURCE | |
| #include <sched.h> | |
| #include <stdio.h> | |
| #include <fcntl.h> | |
| #include <stdlib.h> | |
| #include <unistd.h> | |
| #include <sys/ioctl.h> | |
| #include <errno.h> | |
| #include <pthread.h> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #define _GNU_SOURCE | |
| #include <fcntl.h> | |
| #include <stdio.h> | |
| #include <sys/time.h> | |
| #include <time.h> | |
| #include <stdlib.h> | |
| #include <sys/syscall.h> | |
| #include <unistd.h> | |
| #include <dlfcn.h> | |
| #include <string.h> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <string.h> | |
| void setbff(void) | |
| { | |
| setvbuf(stdin,(char *)0x0,2,0); | |
| setvbuf(stdout,(char *)0x0,2,0); | |
| setvbuf(stderr,(char *)0x0,2,0); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <string.h> | |
| #include <fcntl.h> | |
| #include <unistd.h> | |
| #include <sys/mman.h> | |
| #include <sys/types.h> | |
| #include <sys/stat.h> | |
| #include <stdint.h> | |
| #include <assert.h> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from pwn import * | |
| context.arch = "amd64" | |
| context.terminal = "tmux splitw -h -f".split() | |
| #cmd = "b* $_base()+0x1586" | |
| cmd = "" | |
| DEBUG = 0 | |
| p = process("./heap") | |
| #p = remote("yetanotherheap.hackable.software", 1337) | |
| if DEBUG: | |
| gdb.attach(p, cmd, gdb_args=['--init-eval-command="source ~/ctf/tools/gef/gef.py"']) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var buf = new ArrayBuffer(8); | |
| var f64_buf = new Float64Array(buf); | |
| var u64_buf = new Uint32Array(buf); | |
| function ftoi(val) { | |
| f64_buf[0] = val; | |
| return BigInt(u64_buf[0]) + (BigInt(u64_buf[1]) << 32n); | |
| } | |
| function itof(val) { |
NewerOlder