Exploring Vulnerabilities in the VMware Workstation Renderer

Background In mid-January, ZDI announced the rules for the 2017 competition, which included a substantial reward for any team that could break VMware and achieve a virtual-machine escape. VMware is not a new target: it was already on the target list in 2016 and has since been attacked from many angles, with many points of attack …

Pwndbg: A GDB Plugin Designed for Vulnerability Analysis

About Pwndbg Pwndbg is a GDB plugin built specifically for security vulnerability analysis. It removes much of the friction researchers face when using GDB for vulnerability analysis and debugging, and focuses on the features that software developers, hardware hackers, reverse engineers, and vulnerability analysts actually need. Stock GDB is not well suited to reverse engineering …

Pwndbg: A GDB Plugin Designed for Security Vulnerability Analysis

About Pwndbg Pwndbg is a GDB plugin built specifically for security vulnerability analysis. It removes much of the friction researchers face when using GDB for vulnerability analysis and debugging, and focuses on the features that software developers, hardware hackers, reverse engineers, and vulnerability analysts actually need. Stock GDB is not well suited to reverse engineering …

Introduction to Assembly Language: Using Debug Tools

1. Physical Memory Layout Formula When you see an address like 0B3F:0100 in debug, remember the real-mode physical address formula: physical = segment * 10h + offset. For example, 0B3F*10h + 0100 = 0B4F0. This formula explains why CS:IP appears to point at such odd memory locations (a legacy of the 8086's segmented addressing that old programmers treated as black magic).
2. Core Command Anatomy Command Prototype: -a [address] Parameter Description: If address is omitted, …
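The segment:offset arithmetic above, as an added example that is not part of the original article. It applies the same formula (segment * 10h + offset) and also covers the two cases a practitioner trips over in debug: several segment:offset pairs aliasing the same physical byte, and the 20-bit wraparound at 1 MiB that disappears once the A20 gate is enabled. The function and constant names are this example's own.

```python
"""Real-mode segment:offset arithmetic behind the addresses debug shows (added example)."""

ONE_MIB = 1 << 20


def physical(seg, off, a20_enabled=False):
    """physical = segment * 10h + offset.

    The 8086 has a 20-bit address bus, so the sum wraps at 1 MiB. On a 286 or later
    with the A20 gate enabled the 21st bit survives, which is what lets
    FFFF:0010..FFFF:FFFF reach the 64 KiB "high memory area" just above 1 MiB."""
    if not (0 <= seg <= 0xFFFF and 0 <= off <= 0xFFFF):
        raise ValueError("segment and offset are 16-bit quantities")
    addr = (seg << 4) + off
    return addr if a20_enabled else addr % ONE_MIB


def normalize(seg, off):
    """Canonical seg:off with offset < 10h, so aliases of one byte compare equal."""
    addr = physical(seg, off)
    return addr >> 4, addr & 0xF


def aliases(addr, count=4):
    """Some of the many seg:off pairs below 1 MiB that name the same physical byte:
    each step down in segment is compensated by +10h in offset (offset <= FFFFh)."""
    pairs = []
    seg = addr >> 4
    while len(pairs) < count and seg >= 0:
        off = addr - (seg << 4)
        if off > 0xFFFF:
            break
        pairs.append((seg, off))
        seg -= 1
    return pairs


def fmt(seg, off):
    """Render a pair the way debug prints it, e.g. 0B3F:0100."""
    return "%04X:%04X" % (seg, off)


if __name__ == "__main__":
    print(fmt(0x0B3F, 0x0100), "->", "%05X" % physical(0x0B3F, 0x0100))    # 0B4F0
    print([fmt(s, o) for s, o in aliases(0x0B4F0)])                         # 0B4F:0000, 0B4E:0010, ...
    print("%05X" % physical(0xFFFF, 0x0010))                                # wraps to 00000
    print("%06X" % physical(0xFFFF, 0x0010, a20_enabled=True))              # 100000
```

When two addresses in debug look different but a breakpoint fires in both, compare their `normalize()` forms first; they are usually the same byte.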

Practical Exploitation of CoAP Protocol Vulnerabilities

This article is an excellent piece from the Kanxue Forum. Kanxue Forum author ID: Feng Yi Ying Han. There seems to be very little material on the CoAP protocol on domestic security forums such as Kanxue, and the published CVEs mostly concern vulnerabilities in CoAP protocol libraries. Therefore, I will organize and record my …

Sharing Ideas on Strong Network Cup S8 Rust Pwn Chat-With-Me Problem

1 Problem-Solving Ideas This problem finished with 42 solves; its difficulty is not high, and that count roughly matched expectations. The challenge is written in Rust, and the night before the competition it was decided to strip the symbols and not provide the source code. This not only made it very difficult for …

Python Reverse Engineering Summary

Discuss common types of Python questions. One The first type: Direct Decompilation. Besides handing out the Python file for the question directly, the setter can make a small change and provide the corresponding .pyc file instead, which is Python's compiled bytecode. Definition of PYC File PYC files are the main intermediate files …
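What a .pyc actually contains, as an added example that is not part of the original article: a small parser for the CPython 3.7+ header (PEP 552 layout: magic, flags, then either mtime and source size or a source hash) followed by `marshal.loads` of the module code object, plus a walk over nested code objects to pull out hard-coded string constants. The "challenge" source is constructed here, and the function names are this example's own; the only real APIs used are `py_compile`, `marshal`, `dis` and `importlib.util.MAGIC_NUMBER`.

```python
"""Parse a CPython .pyc and recover its code object (added example, not from the article)."""
import dis
import importlib.util
import marshal
import os
import py_compile
import struct
import tempfile

# Constructed sample "challenge": the kind of trivial check a setter hands out as a .pyc.
SAMPLE_SOURCE = '''
def check(inp):
    secret = "flag{pyc_is_just_marshalled_bytecode}"
    return inp == secret
'''


def parse_pyc(path):
    """Return (header, code) for a .pyc written by CPython 3.7+ (PEP 552 layout):
    4-byte magic, 4-byte flags, 8 bytes of mtime+size or source hash, then the
    marshalled module code object."""
    with open(path, "rb") as f:
        data = f.read()
    magic = data[:4]
    # The magic number is version specific; on a mismatch you need the matching
    # CPython to unmarshal the rest (or a decompiler that knows that version's format).
    if magic != importlib.util.MAGIC_NUMBER:
        raise ValueError("pyc magic %s != running interpreter %s"
                         % (magic.hex(), importlib.util.MAGIC_NUMBER.hex()))
    (flags,) = struct.unpack("<I", data[4:8])
    header = {"magic": magic.hex(), "flags": flags}
    if flags & 0x1:                      # hash-based pyc
        header["source_hash"] = data[8:16].hex()
        header["check_source"] = bool(flags & 0x2)
    else:                                # timestamp-based pyc
        header["mtime"], header["source_size"] = struct.unpack("<II", data[8:16])
    return header, marshal.loads(data[16:])


def string_constants(code):
    """Recursively collect str constants from a code object and the code objects
    nested in it (function bodies live in co_consts of the enclosing module code)."""
    found = []
    for const in code.co_consts:
        if isinstance(const, str):
            found.append(const)
        elif hasattr(const, "co_consts"):
            found.extend(string_constants(const))
    return found


def demo(show_disassembly=True):
    """Compile the constructed sample to a .pyc, parse it, and extract the hard-coded secret."""
    with tempfile.TemporaryDirectory() as tmp:
        src = os.path.join(tmp, "chall.py")
        with open(src, "w") as f:
            f.write(SAMPLE_SOURCE)
        pyc = py_compile.compile(src, cfile=os.path.join(tmp, "chall.pyc"), doraise=True)
        header, code = parse_pyc(pyc)
        if show_disassembly:
            dis.dis(code)                # bytecode of the module and of check()
        return header, string_constants(code)


if __name__ == "__main__":
    hdr, strings = demo()
    print(hdr)
    print([s for s in strings if s.startswith("flag{")])
```

For a real challenge file, compare the first four bytes against the `MAGIC_NUMBER` of each installed interpreter to learn which Python version compiled it before reaching for a decompiler.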

Identifying and Avoiding NOP Instructions in Disassembly

In day-to-day work a great deal of time and effort goes into analyzing NOP instructions, which has become a nuisance for reverse engineers and security responders. NOP instructions are sequences of instructions that do nothing useful. Besides wasting time, I have found that some people are also startled and excited by the NOP …
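A concrete way to recognise and step over that padding, as an added example that is not part of the original article. It matches the multi-byte NOP encodings Intel recommends in the SDM (0x90, 66 90, 0F 1F /0 with the various displacement forms) and, optionally, the older 32-bit-only "NOP-equivalents" compilers used for alignment (`mov eax,eax`, `lea esi,[esi+0]` and friends, which are not no-ops in 64-bit mode because a 32-bit register write zero-extends). The sample byte string is constructed, and the function names are this example's own.

```python
"""Recognise NOP padding in raw x86/x86-64 code bytes (added example, not from the article)."""

# Intel-recommended multi-byte NOPs (SDM vol. 2, "Recommended Multi-Byte Sequence of
# NOP Instruction") plus the one-byte 0x90.
CANONICAL_NOPS = [
    (bytes.fromhex("90"), "nop"),
    (bytes.fromhex("6690"), "xchg ax,ax"),
    (bytes.fromhex("0f1f00"), "nop dword [rax]"),
    (bytes.fromhex("0f1f4000"), "nop dword [rax+0]"),
    (bytes.fromhex("0f1f440000"), "nop dword [rax+rax*1+0]"),
    (bytes.fromhex("660f1f440000"), "nop word [rax+rax*1+0]"),
    (bytes.fromhex("0f1f8000000000"), "nop dword [rax+0] (disp32)"),
    (bytes.fromhex("0f1f840000000000"), "nop dword [rax+rax*1+0] (disp32)"),
    (bytes.fromhex("660f1f840000000000"), "nop word [rax+rax*1+0] (disp32)"),
]

# Older GCC/MSVC alignment filler that is only a no-op in 32-bit mode.
NOP_EQUIVALENTS_32 = [
    (bytes.fromhex("89c0"), "mov eax,eax"),
    (bytes.fromhex("87c0"), "xchg eax,eax (2-byte form)"),
    (bytes.fromhex("8d36"), "lea esi,[esi]"),
    (bytes.fromhex("8d7600"), "lea esi,[esi+0]"),
    (bytes.fromhex("8d742600"), "lea esi,[esi+eiz*1+0]"),
    (bytes.fromhex("8db600000000"), "lea esi,[esi+0x0]"),
    (bytes.fromhex("8dbc2700000000"), "lea edi,[edi+eiz*1+0x0]"),
]


def _table(mode32):
    table = CANONICAL_NOPS + (NOP_EQUIVALENTS_32 if mode32 else [])
    # Longest encodings first so the greedy match consumes whole instructions.
    return sorted(table, key=lambda e: len(e[0]), reverse=True)


def skip_nops(code, offset=0, mode32=False):
    """Walk forward from `offset` over consecutive NOP encodings.
    Returns (offset of the first non-NOP byte, [(offset, mnemonic), ...])."""
    table = _table(mode32)
    matched = []
    pos = offset
    while pos < len(code):
        for enc, name in table:
            if code.startswith(enc, pos):
                matched.append((pos, name))
                pos += len(enc)
                break
        else:
            break
    return pos, matched


def find_padding_runs(code, min_bytes=4, mode32=False):
    """Report every run of at least `min_bytes` of NOP encodings as (offset, length, mnemonics).
    Caveat: this is a raw byte scan, not a disassembly, so 0x90 bytes inside an immediate
    or displacement show up as a run too; confirm hits against real instruction boundaries."""
    runs = []
    pos = 0
    while pos < len(code):
        end, matched = skip_nops(code, pos, mode32)
        if end - pos >= min_bytes:
            runs.append((pos, end - pos, [m for _, m in matched]))
            pos = end
        else:
            pos += 1
    return runs


# Constructed sample: 10 bytes of alignment padding, a normal x86-64 prologue, then an
# instruction whose immediate is full of 0x90 bytes to show the false positive.
SAMPLE = bytes.fromhex(
    "0f1f440000" "0f1f00" "90" "90"   # offsets 0..9: padding
    "55" "4889e5"                     # offsets 10..13: push rbp ; mov rbp,rsp
    "b890909090"                      # offsets 14..18: mov eax,0x90909090
    "c3"                              # offset 19: ret
)


def demo():
    start_of_code, padding = skip_nops(SAMPLE)
    return start_of_code, padding, find_padding_runs(SAMPLE, min_bytes=4)


if __name__ == "__main__":
    start, padding, runs = demo()
    print("first real instruction at offset", start)
    for off, name in padding:
        print("  %02x  %s" % (off, name))
    print("padding runs (second one is the immediate, not code):", runs)
```

The second run reported for the sample starts inside the `mov eax,0x90909090` immediate; that is exactly why a byte-level NOP filter should only be trusted once it is aligned with a disassembler's instruction boundaries.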

Introduction to ARM Assembly Programming

Welcome to the series of articles “Introduction to ARM Assembly Programming.” This series is designed to lay the groundwork for the upcoming “ARM Exploit Development Tutorial” (in progress). Before we dive into writing shellcode and constructing ROP chains using ARM assembly, we need to first grasp some fundamental knowledge about ARM assembly. We will cover …