index.html

<!DOCTYPE html>
<html lang="zh-CN" class="loading">
<head><meta name="generator" content="Hexo 3.8.0">
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
    <meta name="viewport" content="width=device-width, minimum-scale=1.0, maximum-scale=1.0, user-scalable=no">
    <title>gravity的个人博客 - 从零开始的网安学习</title>
    <meta name="apple-mobile-web-app-capable" content="yes">
    <meta name="apple-mobile-web-app-status-bar-style" content="black-translucent">
    <meta name="google" content="notranslate">
    <meta name="keywords" content="GraVity0,"> 
    
    <meta name="author" content="yuntao you"> 
    <link rel="alternative" href="atom.xml" title="gravity的个人博客" type="application/atom+xml"> 
    <link rel="icon" href="/img/first.jpg"> 
    <link rel="stylesheet" href="//cdn.jsdelivr.net/npm/gitalk@1/dist/gitalk.css">
    <link rel="stylesheet" href="/css/diaspora.css">
    <script async src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script>
    <script>
         (adsbygoogle = window.adsbygoogle || []).push({
              google_ad_client: "ca-pub-8691406134231910",
              enable_page_level_ads: true
         });
    </script>
    <script async custom-element="amp-auto-ads" src="https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js">
    </script>
</head>
</html>
<body class="loading">
    <span id="config-title" style="display:none">gravity的个人博客</span>
    <div id="loader"></div>
    <div class="nav">
    <ul id="menu-menu" class="menu">
        
        <li class="pview menu-item menu-item-type-post_type menu-item-object-page">
            <a href="/GraVity0/" title="Whoami" target="_blank" rel="noopener">Whoami</a>
        </li>
        
        <li class="  menu-item menu-item-type-post_type menu-item-object-page">
            <a href="https://github.com/yytgravity" title="Github" target="_blank" rel="noopener">Github</a>
        </li>
        
        <li class="  menu-item menu-item-type-post_type menu-item-object-page">
            <a href="https://twitter.com" title="Twitter" target="_blank" rel="noopener">Twitter</a>
        </li>
        
    </ul>
    <p id="copyright">
        &copy; 2019 yuntao you.
        Powered by <a href="http://hexo.io/" title="Hexo" target="_blank" rel="noopener">Hexo</a>
        Theme <a href="https://github.com/Fechin/hexo-theme-diaspora" title="Diaspora" target="_blank" rel="noopener">Diaspora</a>
        by Fechin
    </p>
</div>

<div id="container">
    
<div id="screen">
    <div id="mark">
        <div class="layer" data-depth="0.4">
            <img src="/img/1.jpg" id="cover" crossorigin="anonymous" width="1920" height="1080">
        </div>
    </div>
    <div id="vibrant">
        <svg viewbox="0 0 2880 1620" height="100%" preserveaspectratio="xMaxYMax slice">
            <polygon opacity="0.7" points="2000,1620 0,1620 0,0 600,0 "/>
        </svg>
        <div></div>
    </div>
    <div id="header">
        <div>
            <a class="image-logo" href="/"></a>
            <div class="icon-menu switchmenu"></div>
        </div>
    </div>
    
    <div id="post0">
        <p>十一月 08, 2019</p>
        <h2><a href="/2019/11/08/上海杯pwn1/" title="上海大学生pwn wp" class="posttitle">上海大学生pwn wp</a></h2>
        <p class="summary">pwn1 boringheap日常检查：首先把做这道题必须要知道abs的负数溢出：简单介绍一下： 
#includ...</p>
    </div>
    
</div>

    <div id="primary">
        
<div class="post">
    <a href="/2019/10/30/app-测试/" title="app 测试">
        <img src="/img/yyt.jpg" class="cover" width="680" height="440">
    </a>
    <div class="else">
        <p>十月 30, 2019</p>
        <h3><a href="/2019/10/30/app-测试/" title="app 测试" class="posttitle">app 测试</a></h3>
        <p>一、环境配置1.运行环境：   

JDK ：java环境就不用说了，android都包含java外壳。
ADT ：ADT 中除了 adb（Android...</p>
    </div>
</div>


<div class="post">
    <a href="/2019/10/14/pwn-HCTF2016-brop/" title="pwn HCTF2016 brop">
        <img src="/img/yyt.jpg" class="cover" width="680" height="440">
    </a>
    <div class="else">
        <p>十月 14, 2019</p>
        <h3><a href="/2019/10/14/pwn-HCTF2016-brop/" title="pwn HCTF2016 brop" class="posttitle">pwn HCTF2016 brop</a></h3>
        <p>BROP这里首先要介绍一种攻击方式–BROP（Blind Return Oriented Programming），最初的论文。      
简介+攻击的...</p>
    </div>
</div>


<div class="post">
    <a href="/2019/10/12/Hitcon-Training-lab11/" title="Hitcon-Training-lab13">
        <img src="/img/yyt.jpg" class="cover" width="680" height="440">
    </a>
    <div class="else">
        <p>十月 12, 2019</p>
        <h3><a href="/2019/10/12/Hitcon-Training-lab11/" title="Hitcon-Training-lab13" class="posttitle">Hitcon-Training-lab13</a></h3>
        <p>首先检查下保护之后放入ida查看：可以看到这是一道典型的菜单题：第一个功能creat：我们可以通过下面两处来大致猜测一下heaparray[]的结构。  ...</p>
    </div>
</div>


<div class="post">
    <a href="/2019/10/10/Untitled/" title="pwn gdb调试小结">
        <img src="/img/yyt.jpg" class="cover" width="680" height="440">
    </a>
    <div class="else">
        <p>十月 10, 2019</p>
        <h3><a href="/2019/10/10/Untitled/" title="pwn gdb调试小结" class="posttitle">pwn gdb调试小结</a></h3>
        <p>1.保护
PIE：位置独立的可执行区域（position-independent executables）

ASLR：内存地址随机化机制（address...</p>
    </div>
</div>


<div class="post">
    <a href="/2019/10/09/house-of-orange/" title="house of orange（二）">
        <img src="/img/yyt.jpg" class="cover" width="680" height="440">
    </a>
    <div class="else">
        <p>十月 09, 2019</p>
        <h3><a href="/2019/10/09/house-of-orange/" title="house of orange（二）" class="posttitle">house of orange（二）</a></h3>
        <p>之前没学_IO_file这部分就没了后续，今天赶紧把坑填了。接着上篇的基础知识，正好拿个经典例题来练练手：house of orange日常的检查，很完美...</p>
    </div>
</div>


<div class="post">
    <a href="/2019/10/09/gdb调试glibc代码学习House-of-Orange/" title="gdb调试glibc代码学习House of Orange">
        <img src="/img/yyt.jpg" class="cover" width="680" height="440">
    </a>
    <div class="else">
        <p>十月 09, 2019</p>
        <h3><a href="/2019/10/09/gdb调试glibc代码学习House-of-Orange/" title="gdb调试glibc代码学习House of Orange" class="posttitle">gdb调试glibc代码学习House of Orange</a></h3>
        <p>学习资料：https://bbs.pediy.com/thread-251195.htm先占个坑，有时间写一下。
</p>
    </div>
</div>


<div class="post">
    <a href="/2019/10/08/IO-FILE学习/" title="_IO_FILE学习">
        <img src="/img/yyt.jpg" class="cover" width="680" height="440">
    </a>
    <div class="else">
        <p>十月 08, 2019</p>
        <h3><a href="/2019/10/08/IO-FILE学习/" title="_IO_FILE学习" class="posttitle">_IO_FILE学习</a></h3>
        <p>之前在学习house of orange的时候，涉及到了_IO_FILE，今天就来学习一下。  
_IO_FILE结构_IO_FILE：   
glibc...</p>
    </div>
</div>


<div class="post">
    <a href="/2019/10/07/BCTF2016-bcloud/" title="BCTF2016 bcloud">
        <img src="/img/yyt.jpg" class="cover" width="680" height="440">
    </a>
    <div class="else">
        <p>十月 07, 2019</p>
        <h3><a href="/2019/10/07/BCTF2016-bcloud/" title="BCTF2016 bcloud" class="posttitle">BCTF2016 bcloud</a></h3>
        <p>首先来一波日常的检查：这里看到程序只开启了partial relro保护，说明我们是可以修改got表的。放入ida中查看：首先看到有一个让我们输入名字的函...</p>
    </div>
</div>


<div class="post">
    <a href="/2019/10/06/Hitcon-2016-secret-holder/" title="Hitcon 2016 secret holder">
        <img src="/img/yyt.jpg" class="cover" width="680" height="440">
    </a>
    <div class="else">
        <p>十月 06, 2019</p>
        <h3><a href="/2019/10/06/Hitcon-2016-secret-holder/" title="Hitcon 2016 secret holder" class="posttitle">Hitcon 2016 secret holder</a></h3>
        <p>首先日常的一波检查：放入ida分析：可以看到这里让我们进行三个选择，接下来我们仔细分析一下这几个功能：可以看到在keep功能里给我们提供了三种大小的hea...</p>
    </div>
</div>


    </div>
    
    <div id="pager"><a href="/page/2/" class="more">加载更多</a></div>
    
</div>
<div id="preview"></div>

<script src="/live2dw/lib/L2Dwidget.min.js?094cbace49a39548bed64abff5988b05"></script><script>L2Dwidget.init({"pluginModelPath":"assets/","model":{"jsonPath":"/live2dw/assets/nito.model.json"},"display":{"position":"lift","width":200,"height":350},"mobile":{"show":true},"log":false,"pluginJsPath":"lib/","pluginRootPath":"live2dw/","tagMode":false});</script></body>
<script src="//cdn.jsdelivr.net/npm/gitalk@1/dist/gitalk.min.js"></script>
<script src="//lib.baomitu.com/jquery/1.8.3/jquery.min.js"></script>
<script src="/js/plugin.js"></script>
<script src="/js/diaspora.js"></script>
<link rel="stylesheet" href="/photoswipe/photoswipe.css">
<link rel="stylesheet" href="/photoswipe/default-skin/default-skin.css">
<script src="/photoswipe/photoswipe.min.js"></script>
<script src="/photoswipe/photoswipe-ui-default.min.js"></script>

<!-- Root element of PhotoSwipe. Must have class pswp. -->
<div class="pswp" tabindex="-1" role="dialog" aria-hidden="true">
    <!-- Background of PhotoSwipe. 
         It's a separate element as animating opacity is faster than rgba(). -->
    <div class="pswp__bg"></div>
    <!-- Slides wrapper with overflow:hidden. -->
    <div class="pswp__scroll-wrap">
        <!-- Container that holds slides. 
            PhotoSwipe keeps only 3 of them in the DOM to save memory.
            Don't modify these 3 pswp__item elements, data is added later on. -->
        <div class="pswp__container">
            <div class="pswp__item"></div>
            <div class="pswp__item"></div>
            <div class="pswp__item"></div>
        </div>
        <!-- Default (PhotoSwipeUI_Default) interface on top of sliding area. Can be changed. -->
        <div class="pswp__ui pswp__ui--hidden">
            <div class="pswp__top-bar">
                <!--  Controls are self-explanatory. Order can be changed. -->
                <div class="pswp__counter"></div>
                <button class="pswp__button pswp__button--close" title="Close (Esc)"></button>
                <button class="pswp__button pswp__button--share" title="Share"></button>
                <button class="pswp__button pswp__button--fs" title="Toggle fullscreen"></button>
                <button class="pswp__button pswp__button--zoom" title="Zoom in/out"></button>
                <!-- Preloader demo http://codepen.io/dimsemenov/pen/yyBWoR -->
                <!-- element will get class pswp__preloader--active when preloader is running -->
                <div class="pswp__preloader">
                    <div class="pswp__preloader__icn">
                      <div class="pswp__preloader__cut">
                        <div class="pswp__preloader__donut"></div>
                      </div>
                    </div>
                </div>
            </div>
            <div class="pswp__share-modal pswp__share-modal--hidden pswp__single-tap">
                <div class="pswp__share-tooltip"></div> 
            </div>
            <button class="pswp__button pswp__button--arrow--left" title="Previous (arrow left)">
            </button>
            <button class="pswp__button pswp__button--arrow--right" title="Next (arrow right)">
            </button>
            <div class="pswp__caption">
                <div class="pswp__caption__center"></div>
            </div>
        </div>
    </div>
</div>




</html>