Personally developed tools for buffer overflow attacks
一个用于缓冲区溢出攻击的工具
./BufferOverflowKiller.py
1. 更改目标ip地址和端口
2. 目标程序缓冲区溢出测试
3. 获取程序溢出边界数值
4. 排除坏字符
5. pwn掉程序,获取回连shell
发现程序溢出的区间在2000个字符内,接下来测试程序详细的溢出边界数值
然后我们去到Immunity Debugger工具中查看程序的eip寄存器的值并记录,这里是6F43396E
然后输入eip地址的值
程序得出详细的溢出边界是1978个字符
刚刚我们运行了第四个模块,这里我们直接去Immunity Debugger工具里排除坏字符
这里我们可以看到程序的坏字符是什么,之后我们方便排除
运行第五个模块,输入本地ip,端口,坏字符,程序的返回地址
然后我们打开另一个脚本,按照程序提示的补充脚本
监听设置的端口,然后运行程序,得到shell
工具在运行时可以正常执行linux命令
在测试程序坏字符时,如果程序坏字符很多,可以重复测试,很方便
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.