Summary: You get the idea right! We are going to enumerate all the ROP-Gadgets and then chain them together to craft our API call which will in turn disable DE...
posted @ 2014-07-10 14:31 Daniel King
Summary: 0:000> bp 0012f2fc "j @ecx == 0 '';'gc'" 0:000> g j stands for judgement, similar to condition?A:B in C++. If ecx is 0 at the breakpoint, execution stops; otherwise go until next breakpoint (gc). bp 0012f2fc "j (@@c...
posted @ 2014-07-10 13:44 Daniel King
Summary: daniel@daniel-mint ~/msf/metasploit-framework $ ruby msfpayload windows/exec CMD=calc.exe N WARNING: Nokogiri was built against LibXML version 2.8.0, b...
posted @ 2014-07-10 10:10 Daniel King