01
wirte a proc_macro_attribute to automatically generate docs for axum
Recently, I was working on a project that uses axum, a web framework for Rust. I wanted to generate API documentation for the project, but…
Recently, I was working on a project that uses axum, a web framework for Rust. I wanted to generate API documentation for the project, but…
自从defcon出过新版musl libc的pwn之后,感觉之后可能会有一波musl lib pwn,果然强网杯的时候就看到了。可以预见,之后可能就会有musl libc master pwn,这两天趁着空闲的时候大概看了一下musl libc的源码,简单的做了一下笔记: !…
reference: The Poc cve-2019-6788 is a heap overflow vulnerability in qemu, it occurs in tcp emu(slirp/tcp subr.c) : In EMU IDENT,It copies…
Recently I'm confused by my research. I need to publish a paper for my degree. It seems easy for a ctfer? But I think it's hard to write a…
reference Recently, there are many qemu escape challenges in ctf. I have never leaned it before, so i decided to study it to adjust the mo…
There are some stack overflow vulnerability in cisco IOS system like CVE-2017-6736 and CVE-2018-0171,but there are little exp or analysi…
原文链接:任意データ書き込みHeap-Sprayに使える構造体 前段时间在asis ctf里面看到一个kernel题,是一个slab的off by null。想起了之前看到的CVE-2016-6187的利用,但是调了半天还是没调出来,想了想自己确实也很久没有跟过kernel的…