-
When building a ROP chain with multiple ELFs, there seems to be a bug.
I'm getting wildly varying behavior depending on the order in which I load the ELFs, which definitely should not be happening,…
-
## Proposal: A built-in Go error check function, `try`
**This proposal has been [closed](https://github.com/golang/go/issues/32437#issuecomment-512035919). Thanks, everybody, for your input.**
B…
-
### Description
So let's say I want to generate a reverse shell ROP chain.
1. I start with calling "socket(int domain, int type, int protocol)" with domain = 2, type = 1, protocol = 0. The result o…
-
I can't build 'msg.go' and 'webfig.go'.
I want to know how to support CVE-2023-30799 on MIPS.
Can you share?
-
Hi evyatar9, thanks for your nice write-up. I've tried this challenge but missed the target because I did not have the 'ret' instruction. May I ask one question about how you found the stack is misaligned, and w…
-
Accuracy is around 0.5 on newer-generation CPUs, i5-8265u and i7-10700 (Ubuntu 18.04, one kernel is 5.15.0-58-generic and the other is around 5.xx.x).
I run the steps as mentioned in another issue …
-
Hello
I am experimenting with the approach where the mmapped mppbuffer pointer is directly referenced to AVFrame->data[0,1,2], so that I can get rid of memcopy totally. I could expect some alignment is…
-
In [this](https://arxiv.org/abs/2103.08229) ROP attack paper, the authors managed to attack RISC-V using a hidden execution path in the code. The return instructions return to the addresses which are no…
-
I noted that any browser that runs in Sandboxie is not protected by MBAE; please add this functionality.
Thank you, you are doing a great job.
-
Thanks for contributing to Pwntools! Ideas from the community help make Pwntools an amazing tool for everybody.
If you've got an idea for a new feature, please provide information about:
* Wha…