4

[推荐]『二进制漏洞』精选帖分类索引

BDomne 2017-10-11 10:00 2233
 

列表不定期更新,有遗漏的地方还望各位留帖补充:P
last update: 2017.10.25


基础知识:

Windows格式化字符串漏洞利用
https://bbs.pediy.com/thread-132554.htm

 

Windows下的shellcode剖析浅谈
https://bbs.pediy.com/thread-99007.htm

 

通过hash值计算API的名字
https://bbs.pediy.com/thread-55187.htm

 

Shellcode编写之hash式函数调用及相关
https://bbs.pediy.com/thread-58393.htm

 

一份shellcode的详细分析
https://bbs.pediy.com/thread-46068.htm

 

Flash漏洞所用shellcode的分析
https://bbs.pediy.com/thread-65907.htm

 

CVE-2010-1297漏洞shellcode简析
https://bbs.pediy.com/thread-121236.htm

 

一个Word溢出样本的shellcode分析
https://bbs.pediy.com/thread-130249.htm

 

Egg Hunting - Shellcode分段执行技术原理
https://bbs.pediy.com/thread-129086.htm

 

一种反检测的Shellcode GetPC方法Flush GetPC
https://bbs.pediy.com/thread-154689.htm

 

Shellcode In x64
https://bbs.pediy.com/thread-155336.htm

 

缓冲区溢出攻击浅析,写给初学者
https://bbs.pediy.com/thread-131340.htm

 

堆溢出精髓分析与实践
https://bbs.pediy.com/thread-102527.htm


ExploitMe:

ExploitMe挑战赛AB题的答卷
https://bbs.pediy.com/thread-57545.htm

 

Exploitme溢出分析
https://bbs.pediy.com/thread-57623.htm

 

Exploit_me_A:打造终极命令行!
https://bbs.pediy.com/thread-57620.htm


CTF Pwn:

HITB GSEC WIN PWN BABYSTACK分析
https://bbs.pediy.com/thread-221016.htm

 

成功通过堆溢出,绕过unlink限制,实现GOT表覆写进行命令执行
https://bbs.pediy.com/thread-220672.htm


Mitigation Bypass:

Windows溢出保护原理与绕过方法概览
https://bbs.pediy.com/thread-123572.htm

 

二进制漏洞利用中的ROP技术研究与实例分析
https://bbs.pediy.com/thread-221041.htm

 

利用Stack Pivot和ROP绕过ASLR+DEP学习笔记
https://bbs.pediy.com/thread-146321.htm

 

Heap Spray技术要点
https://bbs.pediy.com/thread-156991.htm

 

JavaScript中的堆风水
https://bbs.pediy.com/thread-55879.htm

 

JIT Spray:利用JIT在内存中构造可控可执行代码
https://bbs.pediy.com/thread-109060.htm

 

MS08-067通用bypass DEP的缓冲区溢出栈帧构造方法的学习
https://bbs.pediy.com/thread-81667.htm

 

关于safeSEH和/GS技术
https://bbs.pediy.com/thread-134754.htm

 

利用msvcr71.dll与mona.py实现通用绕过DEP/ASLR
https://bbs.pediy.com/thread-139241.htm

 

SafeSEH和DEP都开启了,有办法破吗
https://bbs.pediy.com/thread-137468.htm

 

缓冲区溢出漏洞exploit在当下遇到的绝境
https://bbs.pediy.com/thread-179658.htm

 

Advanced Exploitation Technology Analyze
https://bbs.pediy.com/thread-192049.htm

 

分析微软EMET工具的两个功能实现
https://bbs.pediy.com/thread-125470.htm

 

野外的CVE-2015-2545逃逸了EMET
https://bbs.pediy.com/thread-216046.htm

 

EMET5.1绕过方法学习笔记
https://bbs.pediy.com/thread-199061.htm

 

Win10下EMET 5.5防护机制之Memport的绕过
https://bbs.pediy.com/thread-208774.htm


图像漏洞:

Exploit for ANI file
https://bbs.pediy.com/thread-42208.htm

 

Microsoft TIFF图像文件处理栈溢出漏洞(MS07-055)
https://bbs.pediy.com/thread-57730.htm

 

认识PNG文件格式
https://bbs.pediy.com/thread-75181.htm

 

Adobe PDF LibTiff Integer Overflow CVE-2010-0188初探
https://bbs.pediy.com/thread-109316.htm


Flash漏洞:

手把手一起分析最新Flash样本
https://bbs.pediy.com/thread-147686.htm

 

Adobe flash漏洞之CVE-2009-1862初探 -- 基础知识篇
https://bbs.pediy.com/thread-101342.htm

 

CVE-2011-0611分析
https://bbs.pediy.com/thread-137922.htm

 

CVE-2012-0769, the case of the perfect info leak
https://bbs.pediy.com/thread-155034.htm

 

Analysing the PoC of CVE-2012-0769
https://bbs.pediy.com/thread-149338.htm

 

CVE-2012-1535 Flash解析特殊格式字体漏洞样本构造分享
https://bbs.pediy.com/thread-157851.htm

 

CVE-2012-1535漏洞调试分析
https://bbs.pediy.com/thread-154860.htm

 

CVE-2012-1535 Flash漏洞调试笔记
https://bbs.pediy.com/thread-155101.htm

 

Adobe Flash Player远程代码执行漏洞分析(CVE-2012-1535)
https://bbs.pediy.com/thread-156124.htm

 

CVE-2013-0634 PoC Analysis
https://bbs.pediy.com/thread-162493.htm

 

CVE-2014-0322完整详细分析
https://bbs.pediy.com/thread-193313.htm

 

CVE-2015-3090 Exploit利用分析
https://bbs.pediy.com/thread-202461.htm

 

New Flash Exploition Analysis
https://bbs.pediy.com/thread-199166.htm

 

Flash漏洞利用样本逆向分析艺术
https://bbs.pediy.com/thread-215882.htm


浏览器漏洞:

Analysis CVE-2011-0065 Firefox 3.6.16 mChannel use after free vulnerability
https://bbs.pediy.com/thread-139044.htm

 

IE8 sc.txt exploit分析学习
https://bbs.pediy.com/thread-142917.htm

 

Analysing the PoC of CVE-2012-0003
https://bbs.pediy.com/thread-146055.htm

 

CVE-2012-1875: mshtml.dll Use-After-Free漏洞分析
https://bbs.pediy.com/thread-152240.htm

 

CVE-2012-1876 MSHTML.DLL堆溢出漏洞分析
https://bbs.pediy.com/thread-153363.htm

 

CVE-2012-1876 Exploit利用分析
https://bbs.pediy.com/thread-202089.htm

 

CVE-2012-4792漏洞分析
https://bbs.pediy.com/thread-173147.htm

 

UAF漏洞分析之CVE-2012-4969
https://bbs.pediy.com/thread-206412.htm

 

CVE-2013-1347(IE8 UAF漏洞)分析
https://bbs.pediy.com/thread-174631.htm

 

CVE-2013-1347: IE CLayoutBlock更新错误导致UAF
https://bbs.pediy.com/thread-182085.htm

 

IE漏洞CVE-2013-2551分析-附poc
https://bbs.pediy.com/thread-173600.htm

 

CVE-2013-3893: SetMouseCapture UAF
https://bbs.pediy.com/thread-182083.htm

 

CVE-2013-3893 IE浏览器uaf漏洞利用
https://bbs.pediy.com/thread-217373.htm

 

CVE-2014-0322 0day Exploit分析
https://bbs.pediy.com/thread-184608.htm

 

How to use VBScript to turn on the God Mode?
https://bbs.pediy.com/thread-189224.htm

 

About CVE-2014-6332
https://bbs.pediy.com/thread-194744.htm

 

CVE-2015-6086 简要分析
https://bbs.pediy.com/thread-209825.htm

 

对CVE-2016-0199的简单分析
https://bbs.pediy.com/thread-212058.htm


文档型漏洞:

完整剖析Acrobat Reader - Collab getIcon universal exploiter之路
https://bbs.pediy.com/thread-98571.htm

 

Adobe reader 漏洞CVE-2009-4324初步分析
https://bbs.pediy.com/thread-104890.htm

 

CVE-2009-3459漏洞PoC分析
https://bbs.pediy.com/thread-102514.htm

 

CVE-2011-0611初探
https://bbs.pediy.com/thread-136907.htm

 

CVE-2013-0640漏洞利用分析 - 附PoC
https://bbs.pediy.com/thread-163035.htm

 

MS10-087从漏洞补丁到PoC
https://bbs.pediy.com/thread-195992.htm

 

CVE-2011-0104 Excel缓冲区溢出漏洞分析
https://bbs.pediy.com/thread-144387.htm

 

对CVE-2011-0978稳定利用的分析
https://bbs.pediy.com/thread-145971.htm

 

Analysis CVE-2011-0978 Microsoft Office Excel Axis Properties Record Parsing Buff
https://bbs.pediy.com/thread-138428.htm

 

CVE-2012-0158分析笔记
https://bbs.pediy.com/thread-160149.htm

 

CVE-2012-0158两种poc分析
https://bbs.pediy.com/thread-217890.htm

 

解读天书----漏洞利用中级技巧的分析
https://bbs.pediy.com/thread-184721.htm

 

CVE-2013-3906简要分析
https://bbs.pediy.com/thread-181216.htm

 

CVE-2014-1761分析笔记
https://bbs.pediy.com/thread-192351.htm

 

CVE-2014-4114 SandWorm沙虫漏洞分析报告
https://bbs.pediy.com/thread-193443.htm


虚拟化漏洞:

VMware漏洞实例分析之一 - 共享文件夹目录遍历漏洞
https://bbs.pediy.com/thread-74064.htm

 

360MarvelTeam虚拟化漏洞第一弹 - CVE-2015-6815漏洞分析
https://bbs.pediy.com/thread-206983.htm

 

虚拟机逃逸 -- QEMU的案例分析系列
https://bbs.pediy.com/thread-218045.htm


字体漏洞:

千年等一回-Adobe Reader CoolType库TTF字体解析栈溢出漏洞分析
https://bbs.pediy.com/thread-121986.htm

 

对CVE-2011-3402的利用分析
https://bbs.pediy.com/thread-147274.htm


内核漏洞:

MS08-025 win32k.sys NtUserFnOUTSTRING Privilege Escalation Exploit
https://bbs.pediy.com/thread-63099.htm

 

MS08-066 Microsoft Ancillary Function Driver Elevation of Privilege exploit
https://bbs.pediy.com/thread-74811.htm

 

Windows Vista/7 内核提权NtGdiEnableEudc 0day漏洞分析
https://bbs.pediy.com/thread-125514.htm

 

放个MS11-011分析、逆向、利用、绕过的文档、源代码
https://bbs.pediy.com/thread-130487.htm

 

CVE-2011-1984 wins提权漏洞分析
https://bbs.pediy.com/thread-140612.htm

 

如何触发MS11-080
https://bbs.pediy.com/thread-143695.htm

 

CVE-2013-3660漏洞分析
https://bbs.pediy.com/thread-178154.htm

 

CVE-2014-1767 Afd.sys double-free 漏洞分析与利用
https://bbs.pediy.com/thread-194457.htm

 

CVE-2014-4113分析及Exploit逆向
https://bbs.pediy.com/thread-198194.htm

 

内核漏洞利用技术文章集合
https://bbs.pediy.com/thread-129143.htm


杀软漏洞:

金山毒霸2011内核溢出漏洞
https://bbs.pediy.com/thread-120343.htm

 

瑞星全功能安全软件2011内核拒绝服务漏洞
https://bbs.pediy.com/thread-151241.htm

 

趋势科技 tmactmon.sys DOS漏洞分析(0day)
https://bbs.pediy.com/thread-158396.htm

 

微点主动防御 Mp110013.sys <= 1.3.10123.0 本地内核权限提升漏洞
https://bbs.pediy.com/thread-110851.htm


其它漏洞:

MS08-067漏洞分析
https://bbs.pediy.com/thread-75361-2.htm

 

EMM's MS08-067 exploit原理分析
https://bbs.pediy.com/thread-80416.htm

 

LNK快捷方式文件漏洞简要分析
https://bbs.pediy.com/thread-117232.htm

 

CVE-2017-7269 IIS6.0远程代码执行漏洞分析及Exploit
https://bbs.pediy.com/thread-216809.htm

 

CVE-2017-7269:IIS6.0远程代码执行漏洞逆向分析记录
https://bbs.pediy.com/thread-216967.htm

 

CVE-2017-1000367 分析与复现
https://bbs.pediy.com/thread-218260.htm

 

《漏洞战争》配套资料下载
https://bbs.pediy.com/thread-211573.htm


Fuzzing:

软件安全测试(fuzz)之大家一起学1:fuzz platform架构
https://bbs.pediy.com/thread-75032.htm

 

软件漏洞挖掘Fuzz工具之三 - 入门篇
https://bbs.pediy.com/thread-69910.htm

 

文件Fuzz教程系列索引
https://bbs.pediy.com/thread-176420.htm

 

软件漏洞挖掘之一_SPIKE
https://bbs.pediy.com/thread-68516.htm

 

基于SKIPE的网络协议Fuzzing技术
https://bbs.pediy.com/thread-180619.htm

 

对ActiveX控件进行Fuzzing测试发掘漏洞
https://bbs.pediy.com/thread-156920.htm

 

Windows XP SP3 AFD.sys 本地拒绝服务漏洞的挖掘过程
https://bbs.pediy.com/thread-165917.htm

 

漏洞挖掘方法之静态扫描+经典栈溢出实例
https://bbs.pediy.com/thread-184409.htm


技术专题:

软件漏洞分析入门
https://bbs.pediy.com/thread-56445.htm

 

二进制漏洞入门教程
https://bbs.pediy.com/thread-208596.htm

 

Exploit编写系列教程1-10合集
https://bbs.pediy.com/thread-123602.htm


经验心得:

漏洞分析的那些事儿
https://bbs.pediy.com/thread-142265.htm

 

软件漏洞分析技巧分享
https://bbs.pediy.com/thread-185817.htm

 

众里寻他千百度----文件类漏洞ShellCode的查找
https://bbs.pediy.com/thread-121045.htm

 

简单谈谈Java Exploit
https://bbs.pediy.com/thread-143826.htm

 

调试AVM中的JITed code技巧
https://bbs.pediy.com/thread-194903.htm

 

漏洞挖掘之个人见解
https://bbs.pediy.com/thread-140597.htm

最新回复 (14)
MsScotch 2017-10-11 10:04
2
这种集合贴  真真是极好的,有鉴前人观摩,便于后来学习!
12
netwind 2017-10-11 10:20
3
感谢整理!
1
fengyunabc 2017-10-11 11:05
4
感谢整理,辛苦了!
8
kanxue 2017-10-11 11:32
5
辛苦了,欢迎大家参与进来,一起成长
cqzhou 2017-10-11 12:14
6
辛苦了  mark
小菜鸟一 2017-10-11 15:24
7
这个可以,赞
哆啦咪 2017-10-12 12:24
8
顶~
1
uestcdzy 2017-10-12 22:50
9
666,辛苦了。
ljcnaix 2017-10-13 15:29
10
虚拟化漏洞还有三篇qemu系列的,虚拟机逃逸——QEMU的案例分析(一、二、三):
https://bbs.pediy.com/thread-217997.htm
https://bbs.pediy.com/thread-217999.htm
https://bbs.pediy.com/thread-218045.htm
4
BDomne 2017-10-13 15:41
11
ljcnaix 虚拟化漏洞还有三篇qemu系列的,虚拟机逃逸——QEMU的案例分析(一、二、三): https://bbs.pediy.com/thread-217997.htm https://bbs.pedi ...
多谢补充,已更新
wx_rafael chen 2017-11-2 05:08
12
感謝分享
八成网民 2017-11-2 09:21
13
感謝分享 
wx_李寻忆 2017-11-3 16:22
14
感谢分享
2
Keoyo 2017-11-17 19:30
15
感谢分享
返回