Get Sysent Address On FreeBSD

June 18, 2007

FreeBSD的sysent表的地址在内核中可以直接使用,是个全局变量.可以直接hook.

但是如果是ring3下Patch on fly呢?和linux一样,都是读取/dev/kmem或者/dev/mem

开始走了点弯路,以为和linux一样需要到内核函数代码中去查找,于是做了如下分析( 可见不google自以为是的坏处:( )

FreeBSD# uname -a

FreeBSD FreeBSD.0x1057 6.0-RELEASE FreeBSD 6.0-RELEASE #0: Thu Nov 3 09:36:13 UTC 2005 //系统是6.0的FREEBSD roo......

Get Sys_call_table Address On Linux

June 17, 2007

被迫无奈,windows居然坏了,只能用装了n久一直没用的ubuntu..

捣鼓了几天,把常用软件都装上了.然后开始熟悉熟悉linux下的编程

#include <stdio.h>

#include <stdlib.h>

#include <string.h>

#include <sys/types.h>

#include <sys/stat.h>

#include <fcntl.h>

#include <unistd.h>

#include <errno.h>

#include <sy......

[zt]PHP parse_str() arbitrary variable overwrite

June 13, 2007

转贴,还没来得及测试,有意思的是看到bugtraq里有这么一句评论:

Hardened-PHP and PHP with suhosin are also affected to this issue.

如果是真的话,那么看来ste牛人也有失手的时候 :P

Title: PHP parse_str() arbitrary variable overwrite

Vendor: http://www.php.net/

Advisory: http://www.acid-root.new.fr/advisories/14070612.txt

Author: DarkFi......

Recent
Search