├── .gitignore
├── README.md
├── SUMMARY.md
├── assets
│   ├── Linux-kernel-exploit研究和探索.pdf
│   └── Linux内核级exploit原理及应用.pdf
├── code
│   └── stack_overflow
│       └── 01_base
│           ├── exploit.c
│           ├── stack.bin
│           └── stack.c
├── docs
│   ├── Linux安全机制
│   │   ├── ASLR地址空间布局随机化.md
│   │   ├── Linux安全机制.md
│   │   ├── NX不可执行内存.md
│   │   ├── image
│   │   │   ├── 1533869541955.png
│   │   │   ├── 1533869550057.png
│   │   │   ├── 1533869565811.png
│   │   │   ├── 1533869691375.png
│   │   │   ├── 1533869737367.png
│   │   │   └── 1533869742623.png
│   │   ├── 使用return-to-libc绕过NX位.md
│   │   ├── 使用链式return-to-libc绕过NX位.md
│   │   ├── 栈溢出保护.md
│   │   ├── 绕过ASLR-PART2.md
│   │   ├── 绕过ASLR-PART3.md
│   │   └── 绕过ASLR.md
│   ├── Off-By-One漏洞
│   │   ├── Off-By-One漏洞.md
│   │   ├── image
│   │   │   └── 1533565381126.png
│   │   ├── 基于堆的Off-By-One漏洞.md
│   │   └── 基于栈的Off-By-One漏洞.md
│   ├── exploit面试
│   │   └── exploit面试.md
│   ├── shellcode开发
│   │   ├── shellcode原理.md
│   │   └── shellcode开发.md
│   ├── 基础知识
│   │   ├── Linux函数调用汇编.md
│   │   ├── Linux系统调用过程.md
│   │   ├── Linux进程内存布局.md
│   │   ├── image
│   │   │   ├── 1533109954790.png
│   │   │   ├── 1533111296688.png
│   │   │   ├── 1533111319374.png
│   │   │   ├── 1533111940281.png
│   │   │   ├── 1533112066980.png
│   │   │   ├── 1533112232127.png
│   │   │   ├── 1533112615937.png
│   │   │   ├── 1533112675149.png
│   │   │   ├── 1533886779928.png
│   │   │   └── 1533886797099.png
│   │   ├── 基础知识.md
│   │   └── 用户态与内核态间数据传递操作的本质.md
│   ├── 漏洞挖掘技术
│   │   ├── fuzz模糊测试.md
│   │   ├── image
│   │   │   ├── 1533865738415.png
│   │   │   └── 1533865832625.png
│   │   ├── 框架-syzkaller.md
│   │   ├── 框架-syzkaller搭建Qemu环境.md
│   │   └── 漏洞挖掘技术.md
│   └── 缓冲区溢出漏洞
│       ├── image
│       │   ├── 1533563204195.png
│       │   ├── 1533563677527.png
│       │   ├── 1533563721862.png
│       │   ├── 1533609993323.png
│       │   ├── 1533610193619.png
│       │   ├── 1533610204612.png
│       │   └── 1533610245938.png
│       ├── 典型的基于堆栈的缓冲区溢出-实验楼.md
│       ├── 典型的基于堆栈的缓冲区溢出.md
│       ├── 整数溢出.md
│       └── 缓冲区溢出漏洞.md
├── image
│   ├── 1533559300109.png
│   ├── 1533647831908.png
│   ├── 1533647874654.png
│   ├── 1533647907776.png
│   ├── 1533651979054.png
│   ├── 1533651995767.png
│   ├── 1533726569383.png
│   ├── 1533805203680.png
│   └── 1533954860034.png
└── reference
    ├── Exploit编写系列教程1-10.pdf
    ├── Linux内核级exploit原理及应用.pdf
    ├── Linux内核级exploit原理及应用_李晨曦.pdf
    ├── Linux环境下缓冲区溢出漏洞检测方法研究_燕佳芬.caj
    ├── Shellcoder编程揭秘.pdf
    ├── shellcode手册中文版.pdf
    └── 基于模拟攻击的内核提权漏洞自动利用系统_李晓琦.pdf

/.gitignore:
--------------------------------------------------------------------------------
.back
*.o
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/README.md
--------------------------------------------------------------------------------
/SUMMARY.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/SUMMARY.md
--------------------------------------------------------------------------------
/assets/Linux-kernel-exploit研究和探索.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/assets/Linux-kernel-exploit研究和探索.pdf
--------------------------------------------------------------------------------
/assets/Linux内核级exploit原理及应用.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/assets/Linux内核级exploit原理及应用.pdf
--------------------------------------------------------------------------------
/code/stack_overflow/01_base/exploit.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/code/stack_overflow/01_base/exploit.c
--------------------------------------------------------------------------------
/code/stack_overflow/01_base/stack.bin:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/code/stack_overflow/01_base/stack.bin
--------------------------------------------------------------------------------
/code/stack_overflow/01_base/stack.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/code/stack_overflow/01_base/stack.c
--------------------------------------------------------------------------------
/docs/Linux安全机制/ASLR地址空间布局随机化.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/Linux安全机制/ASLR地址空间布局随机化.md
--------------------------------------------------------------------------------
/docs/Linux安全机制/Linux安全机制.md:
--------------------------------------------------------------------------------
# Linux Security Mechanisms
--------------------------------------------------------------------------------
/docs/Linux安全机制/NX不可执行内存.md:
--------------------------------------------------------------------------------
# NX: Non-Executable Memory
--------------------------------------------------------------------------------
/docs/Linux安全机制/image/1533869541955.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/Linux安全机制/image/1533869541955.png
--------------------------------------------------------------------------------
/docs/Linux安全机制/image/1533869550057.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/Linux安全机制/image/1533869550057.png
--------------------------------------------------------------------------------
/docs/Linux安全机制/image/1533869565811.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/Linux安全机制/image/1533869565811.png
--------------------------------------------------------------------------------
/docs/Linux安全机制/image/1533869691375.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/Linux安全机制/image/1533869691375.png
--------------------------------------------------------------------------------
/docs/Linux安全机制/image/1533869737367.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/Linux安全机制/image/1533869737367.png
--------------------------------------------------------------------------------
/docs/Linux安全机制/image/1533869742623.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/Linux安全机制/image/1533869742623.png
--------------------------------------------------------------------------------
/docs/Linux安全机制/使用return-to-libc绕过NX位.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/Linux安全机制/使用return-to-libc绕过NX位.md
--------------------------------------------------------------------------------
/docs/Linux安全机制/使用链式return-to-libc绕过NX位.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/Linux安全机制/使用链式return-to-libc绕过NX位.md
--------------------------------------------------------------------------------
/docs/Linux安全机制/栈溢出保护.md:
--------------------------------------------------------------------------------
# Stack Overflow Protection
--------------------------------------------------------------------------------
/docs/Linux安全机制/绕过ASLR-PART2.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/Linux安全机制/绕过ASLR-PART2.md
--------------------------------------------------------------------------------
/docs/Linux安全机制/绕过ASLR-PART3.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/Linux安全机制/绕过ASLR-PART3.md
--------------------------------------------------------------------------------
/docs/Linux安全机制/绕过ASLR.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/Linux安全机制/绕过ASLR.md
--------------------------------------------------------------------------------
/docs/Off-By-One漏洞/Off-By-One漏洞.md:
--------------------------------------------------------------------------------
# Off-By-One Vulnerabilities
--------------------------------------------------------------------------------
/docs/Off-By-One漏洞/image/1533565381126.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/Off-By-One漏洞/image/1533565381126.png
--------------------------------------------------------------------------------
/docs/Off-By-One漏洞/基于堆的Off-By-One漏洞.md:
--------------------------------------------------------------------------------
# Heap-Based Off-By-One Vulnerability
--------------------------------------------------------------------------------
/docs/Off-By-One漏洞/基于栈的Off-By-One漏洞.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/Off-By-One漏洞/基于栈的Off-By-One漏洞.md
--------------------------------------------------------------------------------
/docs/exploit面试/exploit面试.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/exploit面试/exploit面试.md
--------------------------------------------------------------------------------
/docs/shellcode开发/shellcode原理.md:
--------------------------------------------------------------------------------
# Shellcode Principles
--------------------------------------------------------------------------------
/docs/shellcode开发/shellcode开发.md:
--------------------------------------------------------------------------------
# Shellcode Development
--------------------------------------------------------------------------------
/docs/基础知识/Linux函数调用汇编.md:
--------------------------------------------------------------------------------
# Linux Function Calls in Assembly
--------------------------------------------------------------------------------
/docs/基础知识/Linux系统调用过程.md:
--------------------------------------------------------------------------------
# The Linux System Call Process
--------------------------------------------------------------------------------
/docs/基础知识/Linux进程内存布局.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/基础知识/Linux进程内存布局.md
--------------------------------------------------------------------------------
/docs/基础知识/image/1533109954790.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/基础知识/image/1533109954790.png
--------------------------------------------------------------------------------
/docs/基础知识/image/1533111296688.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/基础知识/image/1533111296688.png
--------------------------------------------------------------------------------
/docs/基础知识/image/1533111319374.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/基础知识/image/1533111319374.png
--------------------------------------------------------------------------------
/docs/基础知识/image/1533111940281.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/基础知识/image/1533111940281.png
--------------------------------------------------------------------------------
/docs/基础知识/image/1533112066980.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/基础知识/image/1533112066980.png
--------------------------------------------------------------------------------
/docs/基础知识/image/1533112232127.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/基础知识/image/1533112232127.png
--------------------------------------------------------------------------------
/docs/基础知识/image/1533112615937.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/基础知识/image/1533112615937.png
--------------------------------------------------------------------------------
/docs/基础知识/image/1533112675149.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/基础知识/image/1533112675149.png
--------------------------------------------------------------------------------
/docs/基础知识/image/1533886779928.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/基础知识/image/1533886779928.png
--------------------------------------------------------------------------------
/docs/基础知识/image/1533886797099.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/基础知识/image/1533886797099.png
--------------------------------------------------------------------------------
/docs/基础知识/基础知识.md:
--------------------------------------------------------------------------------
# Fundamentals
--------------------------------------------------------------------------------
/docs/基础知识/用户态与内核态间数据传递操作的本质.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/基础知识/用户态与内核态间数据传递操作的本质.md
--------------------------------------------------------------------------------
/docs/漏洞挖掘技术/fuzz模糊测试.md:
--------------------------------------------------------------------------------
# Fuzz Testing
--------------------------------------------------------------------------------
/docs/漏洞挖掘技术/image/1533865738415.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/漏洞挖掘技术/image/1533865738415.png
--------------------------------------------------------------------------------
/docs/漏洞挖掘技术/image/1533865832625.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/漏洞挖掘技术/image/1533865832625.png
--------------------------------------------------------------------------------
/docs/漏洞挖掘技术/框架-syzkaller.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/漏洞挖掘技术/框架-syzkaller.md
--------------------------------------------------------------------------------
/docs/漏洞挖掘技术/框架-syzkaller搭建Qemu环境.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/漏洞挖掘技术/框架-syzkaller搭建Qemu环境.md
--------------------------------------------------------------------------------
/docs/漏洞挖掘技术/漏洞挖掘技术.md:
--------------------------------------------------------------------------------
# Vulnerability Discovery Techniques
--------------------------------------------------------------------------------
/docs/缓冲区溢出漏洞/image/1533563204195.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/缓冲区溢出漏洞/image/1533563204195.png
--------------------------------------------------------------------------------
/docs/缓冲区溢出漏洞/image/1533563677527.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/缓冲区溢出漏洞/image/1533563677527.png
--------------------------------------------------------------------------------
/docs/缓冲区溢出漏洞/image/1533563721862.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/缓冲区溢出漏洞/image/1533563721862.png
--------------------------------------------------------------------------------
/docs/缓冲区溢出漏洞/image/1533609993323.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/缓冲区溢出漏洞/image/1533609993323.png
--------------------------------------------------------------------------------
/docs/缓冲区溢出漏洞/image/1533610193619.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/缓冲区溢出漏洞/image/1533610193619.png
--------------------------------------------------------------------------------
/docs/缓冲区溢出漏洞/image/1533610204612.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/缓冲区溢出漏洞/image/1533610204612.png
--------------------------------------------------------------------------------
/docs/缓冲区溢出漏洞/image/1533610245938.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/缓冲区溢出漏洞/image/1533610245938.png
--------------------------------------------------------------------------------
/docs/缓冲区溢出漏洞/典型的基于堆栈的缓冲区溢出-实验楼.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/缓冲区溢出漏洞/典型的基于堆栈的缓冲区溢出-实验楼.md
--------------------------------------------------------------------------------
/docs/缓冲区溢出漏洞/典型的基于堆栈的缓冲区溢出.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/缓冲区溢出漏洞/典型的基于堆栈的缓冲区溢出.md
--------------------------------------------------------------------------------
/docs/缓冲区溢出漏洞/整数溢出.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/docs/缓冲区溢出漏洞/整数溢出.md
--------------------------------------------------------------------------------
/docs/缓冲区溢出漏洞/缓冲区溢出漏洞.md:
--------------------------------------------------------------------------------
# Buffer Overflow Vulnerabilities
--------------------------------------------------------------------------------
/image/1533559300109.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/image/1533559300109.png
--------------------------------------------------------------------------------
/image/1533647831908.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/image/1533647831908.png
--------------------------------------------------------------------------------
/image/1533647874654.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/image/1533647874654.png
--------------------------------------------------------------------------------
/image/1533647907776.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/image/1533647907776.png
--------------------------------------------------------------------------------
/image/1533651979054.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/image/1533651979054.png
--------------------------------------------------------------------------------
/image/1533651995767.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/image/1533651995767.png
--------------------------------------------------------------------------------
/image/1533726569383.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/image/1533726569383.png
--------------------------------------------------------------------------------
/image/1533805203680.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/image/1533805203680.png
--------------------------------------------------------------------------------
/image/1533954860034.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/image/1533954860034.png
--------------------------------------------------------------------------------
/reference/Exploit编写系列教程1-10.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/reference/Exploit编写系列教程1-10.pdf
--------------------------------------------------------------------------------
/reference/Linux内核级exploit原理及应用.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/reference/Linux内核级exploit原理及应用.pdf
--------------------------------------------------------------------------------
/reference/Linux内核级exploit原理及应用_李晨曦.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/reference/Linux内核级exploit原理及应用_李晨曦.pdf
--------------------------------------------------------------------------------
/reference/Linux环境下缓冲区溢出漏洞检测方法研究_燕佳芬.caj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/reference/Linux环境下缓冲区溢出漏洞检测方法研究_燕佳芬.caj
--------------------------------------------------------------------------------
/reference/Shellcoder编程揭秘.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/reference/Shellcoder编程揭秘.pdf
--------------------------------------------------------------------------------
/reference/shellcode手册中文版.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/reference/shellcode手册中文版.pdf
--------------------------------------------------------------------------------
/reference/基于模拟攻击的内核提权漏洞自动利用系统_李晓琦.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yifengyou/learn-linux_exploit/HEAD/reference/基于模拟攻击的内核提权漏洞自动利用系统_李晓琦.pdf
--------------------------------------------------------------------------------