To Do List

Lingxi Decompiler Project (Linci-Project) Launched!

GSoC 2020: SLEIGH Disassembler Backend

Introduction

Hello all, I’m Jiaxiang Zhou from China. I was lucky to be selected as a participant in the Radare2 project this year. My main work was to integrate SLEIGH as a disassembly backend into Radare2. r2ghidra-dec was my main working repository, aiming to deliver Ghidra’s decompiler to Radare2. It could be renamed as r2ghidra since it would become not only a decompiler but a complete bridge between Radare2 and Ghidra after this project.

Special thanks should be given to my mentors, Florian Märkl, Giovanni, and Anton. Your patience and guidance are all well appreciated. I couldn’t have completed this project without your support.

Here are the slides made for r2con2020.


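Null Pointer: First Public MISC Contest

The analog signal part was quite interesting; the firmware packing and so on that came after it was pretty boring.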


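Universities Fighting the "Epidemic" Cybersecurity Sharing Contest

Both the Android remote exploit and the blockchain were quite interesting.

When sending a contract transaction, be sure to give it a large enough gas limit.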


Null Pointer: First Public RE Contest

Keywords: Windows reverse engineering, obfuscation, 32/64-bit switching


XNUCA2019 Flag Teller

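Following my plan for the winter break, I took a careful look at Flag Teller, the challenge from the XNUCA2019 qualifier that had zero solves. The organizers based it on the TPM2137 challenge from WCTF2019. It is a very rare kind of FPGA reverse-engineering challenge. After a week of effort, I can confirm that under the current conditions this challenge is close to unsolvable, unless the solver has very strong simulation skills and a great deal of experience.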


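Reproducing CVE 2017-13287

In April 2018, the Android Security Bulletin disclosed the vulnerability CVE-2017-13287. Like the other vulnerabilities disclosed at the same time, it is caused by a mismatch between the writing (serialization) and reading (deserialization) of Parcelable objects in the framework. When I first saw the patch Google provided for the vulnerability, I was completely baffled,

Here I would like to thank heeeeen@MS509Team for their work on this issue, which inspired my further research.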
