Summary: Source: http://v0ids3curity.blogspot.com/2015/04/data-structure-recovery-using-pin-and.html Data Structure Recovery using PIN and PyGraphviz. This is a simple POC PIN tool...
posted @ 2015-04-15 19:02 Proteas Views (174) Comments (0)
Summary: Source: https://www.nccgroup.com/en/blog/2015/02/adventures-in-xen-exploitation/ tl;dr: This post is about my experience trying to exploit the Xen SYSRET bug (CVE-2012-0217). This issue was patched in Jun...
posted @ 2015-03-13 16:50 Proteas Views (309) Comments (0)
Summary: Source: https://blog.netspi.com/ios-tutorial-dumping-the-application-memory-part-2/ In my previous blog, iOS Tutorial – Dumping the Application Heap from Memory, I covered how to dump sensitive informat...
posted @ 2015-03-13 16:48 Proteas Views (112) Comments (0)
Summary: Source: http://shantonu.blogspot.jp/2014/10/building-xnu-for-os-x-1010-yosemite.html The OS X kernel source (xnu) has been released for OS X 10.10 Yosemite: here. Building xnu requires Xcode and some addi...
posted @ 2015-03-13 10:38 Proteas Views (215) Comments (0)
Summary: Source: https://blog.netspi.com/ios-tutorial-dumping-the-application-heap-from-memory/ An essential part of pentesting iOS applications is analyzing the runtime of the application. In this blog, I will...
posted @ 2015-01-07 18:14 Proteas Views (185) Comments (0)
Summary: Source: http://kernelbof.blogspot.jp/2009/07/even-when-one-byte-matters.html Common Vulnerabilities and Exposures http://cve.mitre.org/cgi-bin/cvename.cg...
posted @ 2014-12-08 23:38 Proteas Views (89) Comments (0)
Summary: Source: http://mjtsai.com/blog/2014/11/21/ios-ipc-via-nsfilecoordinator-and-nsfilepresenter/ Why is it that every time I think of something, someone else has already researched it. ⊙﹏⊙b (sweat) Tom Harrington: There’s still no full IPC mechanism on iOS. NSDistributedNotificatio...
posted @ 2014-11-27 12:18 Proteas Views (242) Comments (0)
Summary: Source: https://nabla-c0d3.github.io/blog/2013/08/20/intercepting-the-app-stores-traffic-on-ios/ TL;DR: By default, MobileSubstrate tweaks do not get injected into system daemons on iOS which explains w...
posted @ 2014-11-23 16:28 Proteas Views (203) Comments (0)
Summary: Source: http://initwithfunk.com/blog/2013/05/31/breaking-bad-with-dtrace/ I’ve spent an unwise amount of time recently on a problem that arose when me a...
posted @ 2014-11-07 13:25 Proteas Views (91) Comments (0)
Summary: #!/usr/sbin/dtrace -s #pragma D option flowindent /* monitor file open */ syscall::open:entry { printf("%s %s", execname, copyinstr(arg0)); } /* moni...
posted @ 2014-11-02 14:36 Proteas Views (85) Comments (0)