pollux's Dairy

2018-SUCTF-note
0x00 总结House of Orange的第一步是泄露libc的地址 我们可以从unsortedbin的chunk中获取。2014Hitcon那题是通过glibc释放了t...
2016-Hitcon-House_of_Orange
House_of_Orange是来自Hitcon CTF 2016中的一道同名题目,是一种通过unstoredbin attack修改_IO_list_all指针,伪造_IO_FILE_plus结构体和...
libc源码分析-chunk的释放
_libc_free123456789101112131415161718192021222324252627282930313233343536__libc_free (void *mem){ mstate ar_ptr; mchunkptr p; /* chunk corresponding to mem */ void (*hook) (void *, const void *) = atomic_forced_read (__free_hook); if (__builtin_expect (hook != NULL...
2016 ZCTF note2
程序信息note2: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.24, BuildID[sha1]=46dca2e49f923813b316f12858e7e0f42e4a82c3, stripped123456[+] checksec for '/home/pollux/note2/note2&apos...