[Share][Continuously updated] Collection of software vulnerability resources
Posted: 2015-12-11 21:01

Information-leak techniques in IE vulnerability exploitation

On the art of leaks

A browser is only as strong as its weakest byte

A browser is only as strong as its weakest byte – Part 2

ASLR Bypass Apocalypse in Recent Zero-Day Exploits

Sharing software vulnerability analysis techniques

Collected resources on PDF exploit analysis

Complete WinDbg command reference

Windows kernel exploitation basics tutorial

Root Cause Analysis – Memory Corruption Vulnerabilities

Root Cause Analysis – Integer Overflows

DEPS – Precise Heap Spray on Firefox and IE10

The evolution of Flash Vector exploitation

Advanced shellcode programming techniques on the Windows platform

Exploiting Internet Explorer 11 64-bit on Windows 8.1 Preview

IE Array Object Heap Spraying

A partial summary of heap spraying methods in IE

The Art of Leaks The Return of Heap Feng Shui

2015: the heyday of Flash vulnerabilities

Heap Spraying with Actionscript

Windows Exploit Development Tutorial Series and Windows Heap Exploitation

Use-after-frees: That pointer may be pointing to something bad

Heap Feng Shui in JavaScript

HeapSpray + ROP to bypass DEP on IE8: using heap spraying to exploit an old Chaoxing (超星) vulnerability

Summary of Windows exploitation techniques

IE security series: IE's self-introduction (II)

Summary of reverse-engineering analysis fundamentals: http://bbs.pediy.com/showthread.php?t=77259

Analysis of using ClassName and title as placeholders

Tracing and debugging COM component interfaces: http://bbs.pediy.com/showthread.php?t=46523

Latest replies (1)
Many thanks to the original poster for sharing. Thank you!
2015-12-11 22:13