Original: fetch data time
L1 cache reference 0.5 ns; Branch mispredict 5 ns; L2 cache reference 7 ns; Mutex lock/unlock 25 ns; Main memory reference 100 ns; Compress 1K bytes with Zippy 3,000 ns; Send 2K bytes over 1 Gbps netw
2013-08-10 14:45:38
5451
Repost: nebula level18
About: Analyse the C program, and look for vulnerabilities in the program. There is an easy way to solve this level, an intermediate way to solve it, and a more difficult/unreliable way to solve it.
2013-07-04 10:33:26
5666
Repost: Nebula level16
http://www.exploit-exercises.com/nebula/level16 About: There is a perl script running on port 1616. To do this level, log in as the level16 account with the password level16. Files for this lev
2013-05-15 14:20:26
5543
Repost: Nebula level15
About: strace the binary at /home/flag15/flag15 and see if you spot anything out of the ordinary. You may wish to review how to "compile a shared library in linux" and how the libraries are loaded an
2013-05-13 16:10:48
5341
Repost: Nebula level14
About: This program resides in /home/flag14/flag14. It encrypts input and writes it to standard output. An encrypted token file is also in that home directory, decrypt it :) To do this level, log in
2013-05-13 15:57:34
5457
Original: Nebula level13
About: There is a security check that prevents the program from continuing execution if the user invoking it does not match a specific user id. To do this level, log in as the level13 account with th
2013-05-13 15:23:11
6318
Repost: Nebula level12
About: There is a backdoor process listening on port 50001. To do this level, log in as the level12 account with the password level12. Files for this level can be found in /home/flag12. 1local
2013-05-13 13:20:37
5254
Repost: Nebula level11
About: The /home/flag11/flag11 binary processes standard input and executes a shell command. There are two ways of completing this level, you may wish to do both :-) To do this level, log in as the lev
2013-05-13 12:43:20
6025
Original: Nebula level10
http://exploit-exercises.com/nebula/level10 About: The setuid binary at /home/flag10/flag10 binary will upload any file given, as long as it meets the requirements of the access() system call. T
2013-05-13 09:46:54
7747
Repost: Nebula level09
http://exploit-exercises.com/nebula/level09 There's a C setuid wrapper for some vulnerable PHP code... To do this level, log in as the level09 account with the password level09. Files for this
2013-05-10 16:48:10
8035
Original: Nebula level08
http://exploit-exercises.com/nebula/level08 World readable files strike again. Check what that user was up to, and use it to log into flag08 account. To do this level, log in as the level08 acco
2013-05-10 16:23:35
7651
Repost: Nebula level07
The flag07 user was writing their very first perl program that allowed them to ping hosts to see if they were reachable from the web server. To do this level, log in as the level07 account with the p
2013-05-10 15:18:42
7820
1
Repost: Nebula level06
“(…) account credentials came from a legacy unix system” mhm: $ cat /etc/passwd (...) flag06:ueqwOCnSGdsuM:993:993::/home/flag06:/bin/sh (...) Ah, good old DES: $ echo ueqwOCnSGdsuM
2013-05-10 15:13:40
8530
Repost: Nebula level05
http://exploit-exercises.com/nebula/level05 From the description we get one hint: weak permissions. And this is sufficient to easily solve this challenge. First things first navigate to /home/flag05
2013-05-10 14:56:24
7448
Repost: Nebula level03
http://exploit-exercises.com/nebula/level03 Check the home directory of flag03 and take note of the files there. There is a crontab that is called every couple of minutes. To do this level, l
2013-05-10 14:29:58
7557
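Original: 163 yum mirror for CentOS 6.4
cd /etc/yum.repos.d/ ; sudo wget http://mirrors.163.com/.help/CentOS6-Base-163.repo Open the newly downloaded CentOS6-Base-163.repo in vim and run the following command: :%s/$releasever/6.4/g This changes every releasever variable in the file to 6.4; then save and exit. Because I found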
2013-04-08 16:46:18
10586
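Original: Installing the kernel source code on CentOS 6.4
By default, CentOS 6.4 has no source-code repository configured. To download the CentOS 6.4 kernel source code conveniently, proceed as follows. 1. Enter the repository directory: cd /etc/yum.repos.d/ 2. Create the source repository file: touch CentOS-Source.repo 3. Copy the following content into CentOS-Source.repo: [base-source] name=Cen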
2013-03-20 16:28:12
11131
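Original: Mounting a new SSD on Linux
1. First check whether the inserted SSD has been recognized: run ls /dev/ and see whether there is a device /dev/sdb1, assuming you currently have only one hard disk. If there is, that is the SSD you just installed. You can also run fdisk -l to view detailed disk information and work out which disk is the SSD you just inserted. 2. Mount it directly; if that fails, use dmesg to see the error. mount -t ext4 /dev/sdb1 /med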
2013-03-13 15:20:27
21788
Original: Very slow ssh login on linuxMint 14
Open the configuration file /etc/ssh/ssh_config and change GSSAPIAuthentication yes to no. After that it is very fast. The same applies to ubuntu
2013-03-08 09:33:18
7360
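Original: Upgrading fedora 17 to fedora18
First install fedup. To upgrade using fedup: sudo yum install fedup Then run the following command: sudo fedup --network 18 Appendix: fedup usage: --network VERSION upgrade over the network, followed by the version number to upgrade to; --iso ISO upgrade from a disc image, followed by the disc iso image's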
2013-01-31 13:28:11
7387
Repost: TUN/TAP
In computer networking, TUN and TAP are virtual network kernel devices. They are network devices that are supported entirely in software, which is different from ordinary network devic
2013-01-24 14:21:08
7153
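Repost: PCI device driver development on Linux
I. PCI bus system architecture. PCI is short for Peripheral Component Interconnect. As a general-purpose bus interface standard, it is very widely used in today's computer systems. PCI provides a complete set of bus interface specifications whose purpose is to describe how to connect the peripheral devices of a computer system in a structured and controlled way; it also characterizes the electrical properties and behavioral conventions of peripheral devices when they are connected, and defines in detail the various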
2013-01-24 09:38:30
7290
Repost: Learning NIC drivers: netlink
Netlink is a socket family used for IPC between the kernel and user space processes, as well as between user processes (like e.g., UNIX sockets) or a mixture of both types. However, unlike INET socket
2013-01-04 10:52:20
8187
Repost: Learning NIC drivers: DCA
Direct Cache Access (DCA): DCA is a method to improve network I/O performance by placing some posted inbound writes directly within CPU cache. DCA potentially eliminates cache misses due to inb
2013-01-04 10:50:20
9381
Repost: Manual driver binding and unbinding
One new feature in the 2.6.13-rc3 kernel release, is the ability to bind and unbind drivers from devices manually from user space. Previously, the only way to disconnect a driver from a device was u
2013-01-04 09:59:03
7400
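Repost: mark: The Hacker Way
Zuckerberg defines "The Hacker Way" as follows: the Hacker Way is an approach of continuous improvement and innovation. Hackers always believe that things can be better and that nothing is perfect. What hackers do is "fix" things, especially when facing widespread doubt, and then tell people that the words "impossible" and "content with the status quo" are not in the hacker's dictionary.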
2012-12-24 10:51:48
7196
Repost: What is Inter Packet Gap or Inter Frame Gap?
Let's assume if a Gig port which could transfer raw data up to 125,000,000 bytes per second with minimum frame size of 64 bytes. Device must need some time to process one packet after another. Th
2012-12-24 10:47:42
9418
Original: Nebula level04
http://exploit-exercises.com/nebula/level04 This level requires you to read the token file, but the code restricts the files that can be read. Find a way to bypass it :) To do this level, log
2012-11-08 21:56:00
7294
Original: Nebula level02
There is a vulnerability in the below program that allows arbitrary programs to be executed, can you find it? To do this level, log in as the level02 account with the password level02. Files for t
2012-11-08 10:44:52
6297
Original: Nebula level01
There is a vulnerability in the below program that allows arbitrary programs to be executed, can you find it? To do this level, log in as the level01 account with the password level01. Files for t
2012-11-08 09:36:12
6998
1
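Original: Performance improvement techniques
Incidentally, on how to study Computer Systems: A Programmer's Perspective: the only good way is to implement every example and every exercise in the book on your own computer, then compare against the reference answers to see where the differences are. This applies especially to the chapter on optimizing program performance; otherwise it is of no use at all. Don't find it tedious, and don't think it doesn't matter. Depending on individual ability, I think it is best to read this book at least twice, and only after doing all the exercises can you say you have read it. 1. High-level design. Choose appropriate algorithms and data structures for the problem at hand. Be especially alert to avoid using those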
2012-10-24 16:16:13
6111
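Original: The design of DDoS attack detection in libnids
The main file for DDoS attack detection in libnids is scan.c. The basic principle is that during TCP processing, every incoming SYN packet triggers a call to the detect_scan function, which uses the configured parameters to decide whether a DDoS attack is in progress. The algorithm mainly involves the following two data structures: struct scan { u_int addr; unsigned short port; u_char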
2012-10-24 14:48:27
7039
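Repost: Using ebp and esp
esp is the stack pointer; this is determined by the CPU's design, and the push and pop instructions adjust the value of esp automatically. A function's parameters and local variables are in fact located relative to the value esp had on entry to the function, but because esp keeps changing while the function runs, the current esp is saved into ebp, which stays fixed, so that accessing parameters and local variables through ebp afterwards is straightforward. It also makes it easier for a debugger to analyze the stack during function calls. ebp is not strictly required: although esp keeps changing, the exact changes are something the compiler can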
2012-09-26 10:35:18
6478
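Original: Viewing user logins on Linux
The w command: running w directly lists all users currently logged in to the system along with details such as user name (USER), login time (LOGIN@), where they logged in from (FROM), and how they logged in (WHAT). The who command can also be used, but it does not give as much detail. To see detailed information on recent logins and logouts of all users, as well as boots and shutdowns, use the last command. The last command lists detailed information y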
2012-09-25 10:31:21
6554
Original: Problems reading Windows files on Linux
#include #include int main(int argc, char *argv[]) { char buf[1024]; FILE *fp; FILE *dst_fp; int i, j; char *line; char file_name[256];
2012-09-24 14:02:05
7540
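Original: Nebula level00
We start with nebula. Nebula has 19 levels, level00-level19; each level corresponds to a login account on the system, and each level also corresponds to one of the flag00-flag19 accounts under the home directory. Generally, if you can log in as levelXX and, through privilege escalation, your account becomes flagXX, you have passed the level. Below, the requirements and related code for each level are listed, along with my own solutions and the knowledge points involved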
2012-08-28 23:13:16
7096
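Original: nebula 0
I recently discovered a great resource for practicing vulnerability discovery, exploit-exercises. I took a look and found it just right for a newcomer like me who knows nothing but is very interested in this, so I plan to work through the exercises step by step. If I can pass all of them, that could count as an introduction to linux hacking. First, an introduction to the exercise environment and direction, and the basic knowledge required. The practice platform provided by the site is a text-mode ubuntu in a virtual machine. 1. There is only a text interface and no graphical interface, so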
2012-08-28 22:58:54
6916
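Original: Becoming a Linux networking expert step by step, starting from zero
First you need to be able to use a Linux system; fedora is recommended: simple, easy to use, with standard configuration files. Then start learning C. Anyone who does not know C should never claim to understand networking, because most excellent open-source software is written in C. Once you know C, start reading APUE to get familiar with the system calls and the various APIs on Linux. Now you should start reading TCP/IP Illustrated and UNIX Network Programming, implementing every example in them yourself. Once those are done, find the code of a few open-source projects to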
2012-08-28 17:21:45
6407