zip.zip'backup' 카테고리의 다른 글
| Proxy.py (0) | 2016.06.13 |
|---|---|
| Pixiv Crawler (2) | 2016.06.02 |
| security tools.php (0) | 2015.12.04 |
| [Gussing] (0) | 2015.10.11 |
| htaccess trick (0) | 2015.08.20 |
확장자'만' Whitelist로 검사하여 맞으면 통과시키는 방식..
'Web' 카테고리의 다른 글
| Webhacking Study - no more BLIND (6) | 2017.04.18 |
|---|---|
| SQLi.py (0) | 2016.11.02 |
| Custom Webshell (0) | 2016.02.12 |
| SQL Injection Study (3) | 2015.11.13 |
| PHP web development tips and tricks (0) | 2015.11.13 |
BoB 2기 할때 썼던 문서네요.
UAF를 알고 있었다면 심도깊은 문서가 되었겠지만, 단순 추측으로 끝난걸 현재시점에서 보니 다소 아쉽긴 합니다.
Scientific Research
Subject : Can I get difference memory address when re-allocate other memory?
Hypothesises:
1. It’s have difference result on difference OS, because OS has Memory Manager.
2. It will be not return same memory address. If that not, it cause security problem.
3. If I get same memory address when I allocated memory, I can read value that before memory has been returned
Testing Environment
1. Windows 7 (SP1, 64bit, 4GB Memory, Intel® i3-2370M CPU, VS2012)
2. Windows XP(SP3, 32bit, 512MB memory, VS2010, in VMware)
3. Ubuntu 12.03 (3.5.0-37 Kernel, gcc compiler , in VMware)
How to test my Hypothsesises?
1. Compile source code in different Env.
2. Execute it
이하생략..
'I Think..' 카테고리의 다른 글
| error based (1) | 2014.12.29 |
|---|
