[B! Binary] ytokuã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

ytoku id:ytoku

Binaryã«é–¢ã™ã‚‹ytokuã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯ (10)

${{author_name}}$

{{{comment_expanded}}}

{{label}}

{{#is_bookmark}}ãƒªã‚¹ãƒˆ{{/is_bookmark}}{{^is_bookmark}}ãƒªãƒ³ã‚¯{{/is_bookmark}}

${{author_name}}$
{{author_name}}{{created}}
{{ #comment }}{{ comment }}{{ /comment }}
- {{ label }}

${{author_name}}$

{{{comment_expanded}}}

{{label}}

{{#is_bookmark}}ãƒªã‚¹ãƒˆ{{/is_bookmark}}{{^is_bookmark}}ãƒªãƒ³ã‚¯{{/is_bookmark}}

Qiling Framework
Introduction Cross platform and multi arch ultra lightweight emulator. Supported OS: Linux, MacOS, Windows, FreeBSD, DOS and UEFI. Support Arch: x86(16/32/64), ARM(64) MIPS, EVM and WASM. 2023-08-04
ytoku 2022/05/30
ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£

Binary
ãƒªãƒ³ã‚¯
UEFIã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã®ã¯ã˜ã‚ã‹ãŸ
UEFI Advent Calender 12æ—¥ç›®ã ã£ãŸoruminã§ã™ ç››å¤§ã«é…åˆ»ã‹ã¾ã—ã¦ã‚‚ã¯ã‚„é…åˆ»ã¨ã•ãˆè¨€ãˆãªã„æ„Ÿã˜ã§ã™ã€‚ UEFIã®ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã€ã¾ãšã©ã†ä½œã‚‹ã‹ã‚ã‹ã‚‰ãªã„æ–¹ã‚‚å¤šã„ã‹ã¨æ€ã„ã¾ã™ã€‚ ã¾ãšã€UEFIãŒå®Ÿè¡Œã§ãã‚‹å®Ÿè¡Œå½¢å¼ã«ã¤ã„ã¦ã€ã“ã‚Œã¯Windowsã¨åŒã˜PEãƒã‚¤ãƒŠãƒªã§ã™ã€‚ ã¾ãŸã€EDKã®ã‚ˆã†ãªãƒ„ãƒ¼ãƒ«ã‚ãƒƒãƒˆã‚’ç”¨ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ãŒã€ ä»Šå›žã¯gnu-efiã§èª¬æ˜Žã—ã¾ã™ã€‚ gnu-efiã¨ã¯ã€BSDLãªEFIã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³é–‹ç™ºç”¨ãƒ©ã‚¤ãƒ–ãƒ©ãƒªã§ã™ã€‚ Linuxã‚„BSDã§ã®é–‹ç™ºã«è¦ªå’Œæ€§ãŒé«˜ã„ã¨æ€ã‚ã‚Œã¾ã™ã€‚ ã“ã‚Œã¯æœ€è¿‘ã ã¨aptã‚„pacmanã§ãã®ã¾ã¾ãƒã‚¤ãƒŠãƒªã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ãŒå¯èƒ½ã§ã™ã€‚ ãã—ã¦ã€æ¬¡ã«ã“ã®ã‚ˆã†ãªãƒ•ã‚¡ã‚¤ãƒ«ã‚’ç”¨æ„ã—ã¾ã™ å‰è€…ãŒUEFIã§ã®Hello, World!ã§ã™ã€‚efi_mainãŒã‚¨ãƒ³ãƒˆãƒªãƒã‚¤ãƒ³ãƒˆã€ ImageHandleã‚‚SystemTableã‚‚UEFIã®API(P
ytoku 2015/02/25
Binary
ãƒªãƒ³ã‚¯
ROP Illmatic: Exploring Universal ROP on glibc x86-64 (en)
2014/11/15 AVTOKYO2014 (English Version) Japanese Version: http://www.slideshare.net/inaz2/rop-illmatic-exploring-universal-rop-on-glibc-x8664-jaRead less
ytoku 2014/12/27
CTF

Binary
ãƒªãƒ³ã‚¯
Private Presentation
Private content!This content has been marked as private by the uploader.
ytoku 2014/12/25
CTF

Binary
ãƒªãƒ³ã‚¯
APASEC 2013 - ROP/JIT ã‚’ä½¿ã‚ãšã« DEP/ASLR ã‚’å›žé¿ã™ã‚‹æ‰‹æ³•ã‚’è¦‹ã¦ã¿ãŸã€‚
8. DEP (ãƒ‡ãƒ¼ã‚¿å®Ÿè¡Œé˜²æ¢) è©³ã—ãæ›¸ãã¨ ï¼š ï‚ x86_64 ç‰ˆ Windows + x86_64 ç’°å¢ƒç”¨ã®å®Ÿè¡Œãƒ•ã‚¡ã‚¤ãƒ« ï‚ å…¨ã¦ã«é©ç”¨ã•ã‚Œã‚‹ã€‚ (AlwaysOn) BCD ã«ã¦ nx = AlwaysOff ã¨æŒ‡å®šã™ã‚Œã°å¤–ã‚Œã‚‹ã€‚ ï‚ ã‚¹ãƒ¬ãƒƒãƒ‰ã‚¹ã‚¿ãƒƒã‚¯ (Kernel,User), ãƒšãƒ¼ã‚¸é ˜åŸŸ (User), Paged pool (Kernel), Session Pool (Kernel) ãŒå¯¾è±¡ã€‚ ï‚ x86 ç‰ˆ Windows or x86 ç’°å¢ƒç”¨ã®å®Ÿè¡Œãƒ•ã‚¡ã‚¤ãƒ« ï‚ é‡è¦ãªã‚‚ã®ã®ã¿ã«åŽŸå‰‡é©ç”¨ã€‚ (OutIn) ãŸã ã—ã€ã‚µãƒ¼ãƒç”¨OS ã§ã¯åŽŸå‰‡å…¨ã¦ (OptOut) ï‚ ãªãŠã€PAE (Physical Address Extension) ãŒæœ‰åŠ¹ãªç’°å¢ƒã§ãªã„ã¨ã€ãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ DEP ãŒæœ‰åŠ¹ã«ãªã‚‰ãªã„ã€‚ ï‚ ã‚¹ãƒ¬ãƒƒãƒ‰ã‚¹ã‚¿ãƒƒã‚¯ (User), ãƒšãƒ¼ã‚¸é ˜åŸŸ (User) å‚ç…§å…ƒï¼š
ytoku 2014/12/19
ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£

Windows

CTF

Binary
ãƒªãƒ³ã‚¯
ASLRå›žé¿æŠ€è¡“ã¨Chromeã®sandboxã®çªç ´exploit | Scene Research Station
IEã®è„†å¼±æ€§ã¨Use-After-Free ã¨ã„ã†ãƒ¡ãƒ¢ã‚’æ›¸ã„ã¦è‰²ã€…èª¿ã¹ã¦ã„ãŸã‚‰ã€é¢ç™½ã„è¨˜äº‹ã‚’è¦‹ã¤ã‘ãŸã€‚ ASLR Bypass Apocalypse in Recent Zero-Day Exploits http://www.fireeye.com/blog/technical/cyber-exploits/2013/10/aslr-bypass-apocalypse-in-lately-zero-day-exploits.html ã©ã†ã‚„ã‚‰æœ€è¿‘ã¯ASLRã‚‚å›žé¿ã™ã‚‹æ–¹æ³•ãŒç¢ºç«‹ã•ã‚Œã¤ã¤ã‚ã‚‹ã‚‰ã—ã„ã€‚ ãƒªãƒ³ã‚¯å…ˆã§å¹¾ã¤ã‹å›žé¿æ–¹æ³•ãŒç´¹ä»‹ã•ã‚Œã¦ã„ã‚‹ãŒã€ãã®æœ€ã‚‚æœ‰åŠ›ãªæ‰‹æ³•ãŒArrayã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã®lengthã®æ›¸ãæ›ãˆã€‚Buffer overflowãªã‚Šuse-after-freeãªã‚Šã§arrayã®lengthã‚’ä¸æ£ã«æ›¸ãæ›ãˆã‚‹ã“ã¨ã§ã€æœ€çµ‚çš„ã«å…¨ãƒ¡ãƒ¢ãƒªã¸ã®ã‚¢ã‚¯ã‚»ã‚¹æ¨©ã‚’ã‚¹ã‚¯ãƒªãƒ—ãƒˆä¸Šã‹ã‚‰å¾—ã‚‹ã€‚ã“ã†ãªã‚Œã°e
ytoku 2014/12/19
ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£

Binary
ãƒªãƒ³ã‚¯
GitHub - shinh/maloader: mach-o loader for linux
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session. Dismiss alert
ytoku 2014/11/26
Linux

Binary
ãƒªãƒ³ã‚¯
.:Shell-Storm.org:. | Project | ROPgadget tool
ytoku 2013/10/19
CTF

Binary
ãƒªãƒ³ã‚¯
ld -z relro ã§ GOT overwrite attack ã‹ã‚‰èº«ã‚’å®ˆã‚‹ - memologue
GOT overwrite? "GOT overwrite" ã¨ã„ã†ã€(ã“ã“ã§ã¯ç‰¹ã«Linuxã®)ãƒ—ãƒã‚°ãƒ©ãƒ ã«å¯¾ã™ã‚‹æ”»æ’ƒæ–¹æ³•ãŒã‚ã‚Šã¾ã™ã€‚æ”»æ’ƒãŒæˆåŠŸã™ã‚‹ã¨ã€ãã®ãƒ—ãƒã‚»ã‚¹ã®æ¨©é™ã§ã®ä»»æ„ã‚³ãƒ¼ãƒ‰å®Ÿè¡Œç‰ã€æ·±åˆ»ãªè¢«å®³ã‚’å—ã‘ã¾ã™ã€‚æœ€è¿‘ã®GNU ld(ãƒªãƒ³ã‚«)ã®ã‚ªãƒ—ã‚·ãƒ§ãƒ³ã‚’ç”¨ã„ã‚‹ã¨ã€ã“ã®æ”»æ’ƒã‹ã‚‰èº«ã‚’å®ˆã‚‹ã“ã¨ãŒã§ãã‚‹ãã†ã§ã™ã®ã§ã€ç´¹ä»‹ã—ã¾ã™ã€‚ æœ€åˆã«ã¾ã¨ã‚ ï¼ˆã“ã¾ã‹ã„ã“ã¨ã¯ã‚ã¨ã§ï¼‰ GOT overwrite ã‹ã‚‰èº«ã‚’å®ˆã‚‹ã«ã¯ã€gccã§ãƒ—ãƒã‚°ãƒ©ãƒ ã‚’ãƒªãƒ³ã‚¯ã™ã‚‹ã¨ãã«ã€ -Wl,-z,now,-z,relro ã‚’ã¤ã‘ã‚‹ã ã‘ã§ã™ã€‚èµ·å‹•æ™‚é–“ãŒé…ããªã‚‹ã¨ã„ã†ãƒˆãƒ¬ãƒ¼ãƒ‰ã‚ªãƒ•ãŒã‚ã‚Šã¾ã™ãŒã€GOTãŒreadonlyã«ãªã‚Šã¾ã™ã€‚GOTãŒreadonlyãªã‚‰ã€GOT overwrite attack ã‚’å—ã‘ãŸã¨ãã«ã€ãƒ—ãƒã‚»ã‚¹ãŒSEGVã—ã¦ãã‚Œã¾ã™ã®ã§ã€å®‰å…¨æ€§ãŒé«˜ã¾ã‚Šã¾ã™ã€‚ãƒ—ãƒã‚»ã‚¹ã®ãƒ¡ãƒ¢ãƒªãƒžãƒƒãƒ—ã‚’ç¢ºèªã™ã‚‹ã¨ã€ãã¡ã‚“ã¨ w ãŒè½ã¡ã¦
ytoku 2013/10/14
Linux

Binary
ãƒªãƒ³ã‚¯
Runtime Symbol Resolution
9. Build (& Load) Process Usually you just type â€œgcc foo.câ€ and it invokes the four sub-processes for you. (text) (text) (text) (ELF) (ELF) (ELF) C code Preprocessed C code Assem bly code Executable code Relocatable code Preprocessor Compiler Process Image Assem bler Linker Loader DL 10. What's Dynamic Library? Dynamic library is linked at runtime While static library is linked at â€œcompile-timeâ€ Sha
ytoku 2013/10/14
Linux

Binary
ãƒªãƒ³ã‚¯
1