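Coming from x86_64, once you have read this through you will basically have a handle on arm/aarch64; it is explained quite well https://xz.aliyun.com/t/3154
Some assembly instructions and examples https://zhuanlan.zhihu.com/p/673591189 https://liujiaboy.github.io/2021/04/13/%E9%80%86%E5%90%91/ARM%E6%B1%87%E7%BC%96-2/
Not much different from x86_64; the main thing to watch is the link register that holds the return address: lr on arm, x30 on aarch64
arm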
0x00010490 <+0>: push {r7, lr}
...
0x000104c8 <+56>: pop {r7, pc}
aarch64
0x0000000000400678 <+0>: stp x29, x30, [sp, #-32]!
...
0x0000000000400690 <+24>: ldp x29, x30, [sp], #32
0x0000000000400694 <+28>: ret
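Covers arm and aarch64, with some basic examples, solutions and analysis (mainly for practicing arm/aarch64 ROP) https://github.com/xairy/easy-linux-pwn/
Covers arm and aarch64, with many vulnerability types https://github.com/bkerler/exploit_me
A heap-related challenge, mainly about ROP: insomnihack-teaser-2019 nyanc https://blog.perfect.blue/ROPing-on-Aarch64
I couldn't find the challenge. Sigh. They just don't let you see the source program, and working out how much sp is advanced when the function returns is what makes it so annoying https://blog.csdn.net/FUCKING12/article/details/128158210 https://blog.csdn.net/zzq487782568/article/details/126919848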
c8 gadget
d0 0
d8 0 -------- new sp
e0 0
e8 system_addr
f0 0
f8 bin_sh
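An aarch64 kernel challenge: stack overflow. Pay attention to the section on returning to user mode https://bbs.kanxue.com/thread-272397.htm https://bbs.kanxue.com/thread-272376.htm
Some challenges, explained for people who already know the material https://bbs.kanxue.com/thread-272332.htm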
DEF CON CTF Qualifier 2021 https://ctftime.org/writeup/28124
WPICTF 2021 strong-arm https://ctftime.org/writeup/27929
ByteCTF 2021 AArch64 Pwn Master of HTTPD https://xuanxuanblingbling.github.io/ctf/pwn/2021/12/13/aarch64/
The reversing is annoying https://www.anquanke.com/post/id/237900