Background In mid-January, ZDI announced the rules for the 2017 competition, which included a substantial reward for teams that could break VMware and achieve virtual machine escape. VMware is no longer a new target; it was identified as a target in 2016. As a target, VMware has undergone various attacks, with many points of attack … Read more
About Pwndbg Pwndbg is a GDB plugin specifically designed for security vulnerability analysis. This tool greatly simplifies the difficulty researchers face when using GDB for vulnerability analysis and debugging. It primarily focuses on the functionalities required by software developers, hardware hackers, reverse engineers, and vulnerability analysts. The original GDB is not suitable for reverse engineering … Read more
About Pwndbg Pwndbg is a GDB plugin specifically designed for security vulnerability analysis. This tool significantly simplifies the difficulty researchers face when using GDB for vulnerability analysis and debugging. It mainly focuses on the features required by software developers, hardware hackers, reverse engineers, and vulnerability analysts. The original GDB is not suitable for reverse engineering … Read more
1. Physical Memory Layout Formula When you see an address like 0B3F:0100 in debug, remember the physical address calculation formula: For example, 0B3F*10h+0100=0C3F0. This formula explains why CS:IP always points to strange memory locations (a legacy black magic of old programmers). 2. Core Command Anatomy Command Prototype: -a [address]Parameter Description: If address is not filled, … Read more
This article is an excellent piece from the Kanxue Forum. Kanxue Forum Author ID: Feng Yi Ying Han It seems that there is very little content related to the CoAP protocol on domestic security forums like Kanxue, and the CVEs mainly involve vulnerabilities in the CoAP protocol library. Therefore, I will organize and record my … Read more
1 Problem-Solving Ideas The final number of solutions for this problem is 42, as the difficulty level is not high and generally meets expectations. The problem is coded in Rust, and it was decided to remove symbols without providing the source code the night before the competition. This not only made it very difficult for … Read more
Discuss common types of Python questions. One The first type: Direct Decompilation Type In addition to directly obtaining the Python file for the question, the question setter can also slightly modify it by providing the corresponding .pyc file, which is the bytecode of Python. Definition of PYC File PYC files are the main intermediate files … Read more
In the workplace, a significant amount of time and effort is spent analyzing NOP instructions, which has become a concern for reverse engineers and security responders. NOP instructions are a series of instructions that have no actual significance. Besides wasting time, I have found that some people are also shocked and excited by the NOP … Read more
I don’t know when it started, but learning programming has become a headache for many. There are always those late nights when I look up at the bright moon and wonder when I can master assembly language, fulfilling the dreams of countless young women. But reality always hits hard… There are many moments when I … Read more
Welcome to the series of articles “Introduction to ARM Assembly Programming.” This series is designed to lay the groundwork for the upcoming “ARM Exploit Development Tutorial” (in progress). Before we dive into writing shellcode and constructing ROP chains using ARM assembly, we need to first grasp some fundamental knowledge about ARM assembly. We will cover … Read more