Archive: December 2016

Effectively bypassing kptr_restrict on Android
Summary: Original (outside the firewall): http://bits-please.blogspot.com/2015/08/effectively-bypassing-kptrrestrict-on.html In this blog post, we'll take a look at a few ways that I've d

posted @ 2016-12-27 15:22 _懒人 Views(593) Comments(0) Recommended(0)

A brief introduction to per-cpu variables
Summary: Original (outside the firewall): http://thinkiii.blogspot.com/2014/05/a-brief-introduction-to-per-cpu.html per-cpu variables are widely used in Linux kernel such as per-cpu count

posted @ 2016-12-24 19:22 _懒人 Views(849) Comments(0) Recommended(0)

How to translate virtual to physical addresses through /proc/pid/pagemap
Summary: Original (outside the firewall): http://fivelinesofcode.blogspot.com/2014/03/how-to-translate-virtual-to-physical.html I currently work on a project where I need to make translat

posted @ 2016-12-24 19:21 _懒人 Views(727) Comments(0) Recommended(0)

An Exploration of ARM TrustZone Technology
Summary: Original (outside the firewall): https://genode.org/documentation/articles/trustzone ARM TrustZone technology has been around for almost a decade. It was introduced at a time whe

posted @ 2016-12-24 19:20 _懒人 Views(741) Comments(0) Recommended(0)

ARM64 Linux kernel virtual address space
Summary: Original (outside the firewall): http://thinkiii.blogspot.com/2014/02/arm64-linux-kernel-virtual-address-space.html Now let's talk about the Linux kernel virtual address space on

posted @ 2016-12-24 19:18 _懒人 Views(3521) Comments(0) Recommended(0)

Android privilege escalation to mediaserver from zero permissions (CVE-2014-7920 + CVE-2014-7921)
Summary: Original (outside the firewall): http://bits-please.blogspot.com/2016/01/android-privilege-escalation-to.html In this blog post we'll go over two vulnerabilities I discovered whi

posted @ 2016-12-24 19:14 _懒人 Views(405) Comments(0) Recommended(0)

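Debugging Android fork with IDA
Summary: When debugging Android native code with IDA, you will often run into a process that forks child processes, but a single running android_server can only debug or attach to one process. IDA's default port is 23946; by specifying a port for android_server you can run several instances and debug multiple processes at the same time.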

posted @ 2016-12-05 13:29 _懒人 Views(1334) Comments(2) Recommended(0)
