Heap
Today I went through some of my notes on the heap; here is a short summary.
During program execution, the heap provides dynamically allocated memory, allowing a program to request memory whose size is not known in advance. The heap is a contiguous linear region of the program's virtual address space that grows from low addresses toward high addresses.
The vulnerability in heap challenges is usually in the delete() function: most often the pointer is not cleared after freeing, so it becomes a dangling pointer, which enables use-after-free (UAF) and similar attacks.
Allocator implementations used for the heap
ptmalloc2 - glibc
dlmalloc - General purpose allocator
jemalloc - Firefox and FreeBSD
tcmalloc - Google
libumem - Solaris
PS: the functions that interact with the operating system are mainly (s)brk and mmap/munmap, not malloc or free.
malloc
malloc(size_t n)
malloc returns a pointer to a memory block of the requested number of bytes; in addition, the function handles some unusual inputs:
n = 0: returns the smallest heap chunk the current system allows
When n is negative: because size_t is an unsigned type on most systems, the request becomes one for a very large amount of memory, which generally fails because the system does not have that...
## Setup
I ran into a lot of problems; here is a record of them, and some steps have no screenshots.
qemu
sudo apt-get install qemu
qemu-<press Tab twice>
This lists all the platforms that QEMU can emulate.
### busybox
Official site: https://busybox.net/
![](https://pic.imgdb.cn/item/626ff5bc239250f7c5fd10f5.jpg)
Enter the busybox directory
```shell
make menuconfig
```
Q: HOSTCC scripts/basic/fixdep
/b...
Life truly is unpredictable. Holy, what emotional damage.
Solution 1
Uncheck the Enable Device Frame option
PS: works for some models
Solution 2
Adjust the computer's display scaling; the only difference from the instructions found online is the order of the steps, as follows
step1: Set the computer's display scaling to 125%
step2: Open the Android virtual machine
step3: Set the display scaling back to the default
Problem solved
System environment variable settings
Step 1 Add ANDROID_HOME
System variables $\rightarrow$ New
Add variable name: ANDROID_HOME
Add variable value: the path of your installed SDK; a normal install puts it in C:\Users\(Your username)\AppData\Local\Android\SDK
Step 2 Add to Path
%ANDROID_HOME%\tools;%ANDROID_HOME%\platform-tools
After confirming, run adb and android in cmd to check whether the environment is configured correctly.
My friend probably wiped out the environment variables while installing Android Studio. I found a shell script that rewrites the environment variables and am recording it here in case I slip up myself someday.
Script
```batch
@echo off
REM Declare UTF-8 encoding
chcp 65001&cls
REM Back up the current environment variables
echo 当前环境变量:
echo %Path%
echo 永久设置Hadoop、scala、Java、 go、spark、zookeeper环境变量
SETX /M GO_ROOT "C:\Go"
SETX /M JAVA_HOME "C:\Program Files\Java\jdk1.8.0_191"
SETX /M H...
```
Install
```shell
sudo apt-get install python-capstone
git clone https://github.com/JonathanSalwan/ROPgadget.git
cd ROPgadget
sudo python setup.py install
```
Run
```shell
m1sceden4@DESKTOP-H37I3CV:~/ROPgadget$ ROPgadget
```
Error
After running it, you may get the following error:
```
Traceback (most recent call last):
  File "/usr/local/bin/ROPgadget", line 4, in <module>
    __import__('pkg_resources').run_script('ROPGadget==6.6', 'ROPgadget')
  File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 658, in run_script
    self.require(requires...
```