pwn生之loo

Created
GDB调试多进程 set follow-fork-mode parent info inferiors 查看当前进程 当默认调试子进程,假如只使用第一条命令会导致子进程直接运行 this is a picture
ISCC2025-EBPF
Created
PART Iunpack allinone.sh run.sh12345678910111213#!/bin/shqemu-system-x86_64 \ -m 512M \ -cpu qemu64,+smep,+smap -smp 2 \ -kernel bzImage \ -append "console=ttyS0 quiet panic=-1 nokaslr" \ -initrd rootfs.cpio \ -drive file=./flag,if=virtio,format=raw,readonly=on \ -nographic \ -net nic,model=e1000 \ -no-reboot \ -monitor /dev/null runable 123456789101112131415#!/bin/shqemu-system-x86_64 \ -m 512M \ ...
~/kernel
Created
“少上网多读书” – arttnba3 结构体,函数以及变量结构体多起来之后有点乱,整理在这里 struct cred 4.4.72 12345678910111213141516171819202122232425262728293031323334353637383940struct cred { atomic_t usage; /* 0 4 */ kuid_t uid; /* 4 4 */ //不知道什么用,参考作用 kgid_t gid; /* 8 4 */ kuid_t suid; /* 12 4 */ ...
CISCN2017-babydriver
Created
PART Iunpack12loo@localhost:~/ctf/kernel/xiaozaiya/kernel-PWN/CISCN2017-babydriver/try$ file ./rootfs.cpio./rootfs.cpio: ASCII cpio archive (SVR4 with no CRC) md core && cd ./core && cpio -idv < ../rootfs.cpio start.sh12345678910111213#!/bin/bashqemu-system-x86_64 \-initrd rootfs.cpio \-kernel bzImage \-cpu kvm64,+smep \-append 'console=ttyS0 root=/dev/ram kpti=1 nokaslr oops=panic panic=1' \-monitor /dev/null \-enable-kvm \-m 256M \--nographic \-smp...
MINI-LCTF2022 - kgadget
Created
PART Iunpack1234567loo@localhost:~/ctf/kernel/xiaozaiya/kernel-PWN/kgadget/try$ tar -xvf ./kgadget.tar.xzbzImageREADME.mdrootfs.cpiorun.shloo@localhost:~/ctf/kernel/xiaozaiya/kernel-PWN/kgadget/try$ lsREADME.md bzImage kgadget.tar.xz rootfs.cpio run.sh 12loo@localhost:~/ctf/kernel/xiaozaiya/kernel-PWN/kgadget$ file rootfs.cpiorootfs.cpio: ASCII cpio archive (SVR4 with no CRC) md core && cd ./core && cpio -idv <...
QWB2018 - core
Created
PART Iunpack12loo@localhost:~/ctf/kernel/xiaozaiya/kernel-PWN/QWB2018-core/tar/try$ lsbzImage core.cpio.gz core.tar.gz exp.c exp.sh start.sh vmlinux 12loo@localhost:~/ctf/kernel/xiaozaiya/kernel-PWN/QWB2018-core/tar/try$ file core.cpio.gzcore.cpio.gz: gzip compressed data, was "core.cpio", last modified: Sat Sep 23 02:42:27 2023, from Unix, original size modulo 2^32 120943104 gzip -> gunzip ./core.cpio.gz -> ./core.cpio md core && cd core && cpio -idv...