Site updated: 2024-10-15 15:17:38

linanwx · Oct 15, 2024 · c4658a7 · c4658a7
1 parent 4619ff6
commit c4658a7
Show file tree

Hide file tree

Showing 10 changed files with 1,875 additions and 13 deletions.
diff --git a/en/index.html b/en/index.html
@@ -199,7 +199,7 @@ <h2 class="post-title" itemprop="name headline">
       <span class="post-meta-item-text">Posted on</span>
 
 
-      <time title="Created: 2024-10-15 14:18:15 / Modified: 15:15:17" itemprop="dateCreated datePublished" datetime="2024-10-15T14:18:15+01:00">2024-10-15</time>
+      <time title="Created: 2024-10-15 14:18:15 / Modified: 15:17:34" itemprop="dateCreated datePublished" datetime="2024-10-15T14:18:15+01:00">2024-10-15</time>
     </span>
 
 
@@ -253,9 +253,7 @@ <h2 id="Attack-Steps"><a href="#Attack-Steps" class="headerlink" title="Attack S
 <li>When the command <code>perl -e &#39;system &quot;./obo&quot;, &quot;\x38\x84\x04\x08&quot;x256&#39;</code> is executed, the program takes these repeated bytes as the input to <code>./obo</code>.</li>
 <li>As the <code>foo</code> function returns, the <code>leave</code> and <code>ret</code> instructions are executed, leading to the return address being overwritten. This causes the program to jump to the <code>bar</code> function, printing the success message multiple times.</li>
 </ul>
-<h2 id="Further-Analysis-Determining-Effective-Overwrite-Locations"><a href="#Further-Analysis-Determining-Effective-Overwrite-Locations" class="headerlink" title="Further Analysis: Determining Effective Overwrite Locations"></a>Further Analysis: Determining Effective Overwrite Locations</h2><p>Certainly! Here’s an English explanation of the stack frame layout as part of your article:</p>
-<hr>
-<h2 id="Stack-Frame-Layout-Explanation"><a href="#Stack-Frame-Layout-Explanation" class="headerlink" title="Stack Frame Layout Explanation"></a>Stack Frame Layout Explanation</h2><p>During the GDB debugging session, the memory layout for the stack frame of the <code>foo</code> function looks like this:</p>
+<h2 id="Further-Analysis-Determining-Effective-Overwrite-Locations"><a href="#Further-Analysis-Determining-Effective-Overwrite-Locations" class="headerlink" title="Further Analysis: Determining Effective Overwrite Locations"></a>Further Analysis: Determining Effective Overwrite Locations</h2><h2 id="Stack-Frame-Layout-Explanation"><a href="#Stack-Frame-Layout-Explanation" class="headerlink" title="Stack Frame Layout Explanation"></a>Stack Frame Layout Explanation</h2><p>During the GDB debugging session, the memory layout for the stack frame of the <code>foo</code> function looks like this:</p>
 <figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br></pre></td><td class="code"><pre><span class="line">0xbfffed10   return address</span><br><span class="line">0xbfffed0c   saved frame pointer (ebp)</span><br><span class="line">0xbfffed0b   buf[1023]</span><br><span class="line">...</span><br><span class="line">0xbfffed03   buf[1015]</span><br><span class="line">0xbfffed02   buf[1014]</span><br><span class="line">0xbfffed01   buf[1013]</span><br><span class="line">0xbfffed00   buf[1012]</span><br><span class="line">...</span><br><span class="line">0xbfffe90c   buf[0]</span><br></pre></td></tr></table></figure>
 
 <ul>

diff --git a/en/post/2024/10/oboattact-md/index.html b/en/post/2024/10/oboattact-md/index.html
@@ -46,7 +46,7 @@
 <meta property="og:description" content="Off-by-One Overflow Attack AnalysisBackgroundLast week, I attended a security course that included an example of an off-by-one overflow vulnerability. Here is the original code: 1234567891011121314151">
 <meta property="og:locale" content="en_US">
 <meta property="article:published_time" content="2024-10-15T13:18:15.000Z">
-<meta property="article:modified_time" content="2024-10-15T14:15:17.708Z">
+<meta property="article:modified_time" content="2024-10-15T14:17:34.248Z">
 <meta property="article:author" content="Nansen Li (李楠森)">
 <meta property="article:tag" content="vulnerability">
 <meta property="article:tag" content="exploitation">
@@ -209,7 +209,7 @@ <h1 class="post-title" itemprop="name headline">
       <span class="post-meta-item-text">Posted on</span>
 
 
-      <time title="Created: 2024-10-15 14:18:15 / Modified: 15:15:17" itemprop="dateCreated datePublished" datetime="2024-10-15T14:18:15+01:00">2024-10-15</time>
+      <time title="Created: 2024-10-15 14:18:15 / Modified: 15:17:34" itemprop="dateCreated datePublished" datetime="2024-10-15T14:18:15+01:00">2024-10-15</time>
     </span>
 
 
@@ -262,9 +262,7 @@ <h2 id="Attack-Steps"><a href="#Attack-Steps" class="headerlink" title="Attack S
 <li>When the command <code>perl -e &#39;system &quot;./obo&quot;, &quot;\x38\x84\x04\x08&quot;x256&#39;</code> is executed, the program takes these repeated bytes as the input to <code>./obo</code>.</li>
 <li>As the <code>foo</code> function returns, the <code>leave</code> and <code>ret</code> instructions are executed, leading to the return address being overwritten. This causes the program to jump to the <code>bar</code> function, printing the success message multiple times.</li>
 </ul>
-<h2 id="Further-Analysis-Determining-Effective-Overwrite-Locations"><a href="#Further-Analysis-Determining-Effective-Overwrite-Locations" class="headerlink" title="Further Analysis: Determining Effective Overwrite Locations"></a>Further Analysis: Determining Effective Overwrite Locations</h2><p>Certainly! Here’s an English explanation of the stack frame layout as part of your article:</p>
-<hr>
-<h2 id="Stack-Frame-Layout-Explanation"><a href="#Stack-Frame-Layout-Explanation" class="headerlink" title="Stack Frame Layout Explanation"></a>Stack Frame Layout Explanation</h2><p>During the GDB debugging session, the memory layout for the stack frame of the <code>foo</code> function looks like this:</p>
+<h2 id="Further-Analysis-Determining-Effective-Overwrite-Locations"><a href="#Further-Analysis-Determining-Effective-Overwrite-Locations" class="headerlink" title="Further Analysis: Determining Effective Overwrite Locations"></a>Further Analysis: Determining Effective Overwrite Locations</h2><h2 id="Stack-Frame-Layout-Explanation"><a href="#Stack-Frame-Layout-Explanation" class="headerlink" title="Stack Frame Layout Explanation"></a>Stack Frame Layout Explanation</h2><p>During the GDB debugging session, the memory layout for the stack frame of the <code>foo</code> function looks like this:</p>
 <figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br></pre></td><td class="code"><pre><span class="line">0xbfffed10   return address</span><br><span class="line">0xbfffed0c   saved frame pointer (ebp)</span><br><span class="line">0xbfffed0b   buf[1023]</span><br><span class="line">...</span><br><span class="line">0xbfffed03   buf[1015]</span><br><span class="line">0xbfffed02   buf[1014]</span><br><span class="line">0xbfffed01   buf[1013]</span><br><span class="line">0xbfffed00   buf[1012]</span><br><span class="line">...</span><br><span class="line">0xbfffe90c   buf[0]</span><br></pre></td></tr></table></figure>
 
 <ul>

diff --git a/index.html b/index.html
@@ -199,7 +199,7 @@ <h2 class="post-title" itemprop="name headline">
       <span class="post-meta-item-text">Posted on</span>
 
 
-      <time title="Created: 2024-10-15 14:18:15 / Modified: 15:15:17" itemprop="dateCreated datePublished" datetime="2024-10-15T14:18:15+01:00">2024-10-15</time>
+      <time title="Created: 2024-10-15 14:18:15 / Modified: 15:17:34" itemprop="dateCreated datePublished" datetime="2024-10-15T14:18:15+01:00">2024-10-15</time>
     </span>
 
 
@@ -253,9 +253,7 @@ <h2 id="Attack-Steps"><a href="#Attack-Steps" class="headerlink" title="Attack S
 <li>When the command <code>perl -e &#39;system &quot;./obo&quot;, &quot;\x38\x84\x04\x08&quot;x256&#39;</code> is executed, the program takes these repeated bytes as the input to <code>./obo</code>.</li>
 <li>As the <code>foo</code> function returns, the <code>leave</code> and <code>ret</code> instructions are executed, leading to the return address being overwritten. This causes the program to jump to the <code>bar</code> function, printing the success message multiple times.</li>
 </ul>
-<h2 id="Further-Analysis-Determining-Effective-Overwrite-Locations"><a href="#Further-Analysis-Determining-Effective-Overwrite-Locations" class="headerlink" title="Further Analysis: Determining Effective Overwrite Locations"></a>Further Analysis: Determining Effective Overwrite Locations</h2><p>Certainly! Here’s an English explanation of the stack frame layout as part of your article:</p>
-<hr>
-<h2 id="Stack-Frame-Layout-Explanation"><a href="#Stack-Frame-Layout-Explanation" class="headerlink" title="Stack Frame Layout Explanation"></a>Stack Frame Layout Explanation</h2><p>During the GDB debugging session, the memory layout for the stack frame of the <code>foo</code> function looks like this:</p>
+<h2 id="Further-Analysis-Determining-Effective-Overwrite-Locations"><a href="#Further-Analysis-Determining-Effective-Overwrite-Locations" class="headerlink" title="Further Analysis: Determining Effective Overwrite Locations"></a>Further Analysis: Determining Effective Overwrite Locations</h2><h2 id="Stack-Frame-Layout-Explanation"><a href="#Stack-Frame-Layout-Explanation" class="headerlink" title="Stack Frame Layout Explanation"></a>Stack Frame Layout Explanation</h2><p>During the GDB debugging session, the memory layout for the stack frame of the <code>foo</code> function looks like this:</p>
 <figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br></pre></td><td class="code"><pre><span class="line">0xbfffed10   return address</span><br><span class="line">0xbfffed0c   saved frame pointer (ebp)</span><br><span class="line">0xbfffed0b   buf[1023]</span><br><span class="line">...</span><br><span class="line">0xbfffed03   buf[1015]</span><br><span class="line">0xbfffed02   buf[1014]</span><br><span class="line">0xbfffed01   buf[1013]</span><br><span class="line">0xbfffed00   buf[1012]</span><br><span class="line">...</span><br><span class="line">0xbfffe90c   buf[0]</span><br></pre></td></tr></table></figure>
 
 <ul>

diff --git a/zh-CN/tags/buffer-overflow/index.html b/zh-CN/tags/buffer-overflow/index.html
@@ -0,0 +1,264 @@
+<!DOCTYPE html>
+<html lang="zh-CN">
+<head>
+  <meta charset="UTF-8">
+<meta name="viewport" content="width=device-width">
+<meta name="theme-color" content="#222"><meta name="generator" content="Hexo 7.3.0">
+
+  <link rel="apple-touch-icon" sizes="180x180" href="/images/apple-touch-icon-next.png">
+  <link rel="icon" type="image/png" sizes="32x32" href="/images/favicon-32x32-next.png">
+  <link rel="icon" type="image/png" sizes="16x16" href="/images/favicon-16x16-next.png">
+  <link rel="mask-icon" href="/images/logo.svg" color="#222">
+
+<link rel="stylesheet" href="/css/main.css">
+
+
+
+<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.6.0/css/all.min.css" integrity="sha256-5eIC48iZUHmSlSUz9XtjRyK2mzQkHScZY1WdMaoz74E=" crossorigin="anonymous">
+  <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.1.1/animate.min.css" integrity="sha256-PR7ttpcvz8qrF57fur/yAx1qXMFJeJFiA6pSzWi0OIE=" crossorigin="anonymous">
+
+<script class="next-config" data-name="main" type="application/json">{"hostname":"nansenli.com","root":"/","images":"/images","scheme":"Muse","darkmode":false,"version":"8.21.0","exturl":false,"sidebar":{"position":"left","width_expanded":320,"width_dual_column":240,"display":"post","padding":18,"offset":12},"hljswrap":true,"copycode":{"enable":false,"style":null},"fold":{"enable":false,"height":500},"bookmark":{"enable":false,"color":"#222","save":"auto"},"mediumzoom":false,"lazyload":false,"pangu":false,"comments":{"style":"tabs","active":null,"storage":true,"lazyload":false,"nav":null},"stickytabs":false,"motion":{"enable":true,"async":false,"transition":{"menu_item":"fadeInDown","post_block":"fadeIn","post_header":"fadeInDown","post_body":"fadeInDown","coll_header":"fadeInLeft","sidebar":"fadeInUp"}},"i18n":{"placeholder":"搜索...","empty":"没有找到任何搜索结果：${query}","hits_time":"找到 ${hits} 个搜索结果（用时 ${time} 毫秒）","hits":"找到 ${hits} 个搜索结果"}}</script><script src="/js/config.js"></script>
+
+  <div class="languages">
+    <label class="lang-select-label">
+      <i class="fa fa-language"></i>
+      <span>简体中文</span>
+      <i class="fa fa-angle-up" aria-hidden="true"></i>
+    </label>
+    <select class="lang-select" data-canonical="" aria-label="选择语言">
+
+        <option value="en" data-href="/tags/buffer-overflow/index.html" selected="">
+          English
+        </option>
+
+        <option value="zh-CN" data-href="/zh-CN/tags/buffer-overflow/index.html" selected="">
+          简体中文
+        </option>
+
+    </select>
+  </div>
+
+    <meta property="og:type" content="website">
+<meta property="og:title" content="Nansen">
+<meta property="og:url" content="https://nansenli.com/zh-CN/tags/buffer-overflow/index.html">
+<meta property="og:site_name" content="Nansen">
+<meta property="og:locale" content="zh_CN">
+<meta property="article:author" content="Nansen Li (李楠森)">
+<meta name="twitter:card" content="summary">
+
+
+<link rel="canonical" href="https://nansenli.com/zh-CN/tags/buffer-overflow/">
+
+
+
+<script class="next-config" data-name="page" type="application/json">{"sidebar":"","isHome":false,"isPost":false,"lang":"zh-CN","comments":"","permalink":"","path":"zh-CN/tags/buffer-overflow/index.html","title":""}</script>
+
+<script class="next-config" data-name="calendar" type="application/json">""</script>
+<title>标签: buffer overflow | Nansen</title>
+
+
+
+
+
+
+
+
+
+  <noscript>
+    <link rel="stylesheet" href="/css/noscript.css">
+  </noscript>
+</head>
+
+<body itemscope itemtype="http://schema.org/WebPage" class="use-motion">
+  <div class="headband"></div>
+
+  <main class="main">
+    <div class="column">
+      <header class="header" itemscope itemtype="http://schema.org/WPHeader"><div class="site-brand-container">
+  <div class="site-nav-toggle">
+    <div class="toggle" aria-label="切换导航栏" role="button">
+        <span class="toggle-line"></span>
+        <span class="toggle-line"></span>
+        <span class="toggle-line"></span>
+    </div>
+  </div>
+
+  <div class="site-meta">
+
+    <a href="/" class="brand" rel="start">
+      <i class="logo-line"></i>
+      <p class="site-title">Nansen</p>
+      <i class="logo-line"></i>
+    </a>
+  </div>
+
+  <div class="site-nav-right">
+    <div class="toggle popup-trigger" aria-label="搜索" role="button">
+    </div>
+  </div>
+</div>
+
+
+
+<nav class="site-nav">
+  <ul class="main-menu menu"><li class="menu-item menu-item-home"><a href="/zh-CN/" rel="section"><i class="fa fa-home fa-fw"></i>首页</a></li><li class="menu-item menu-item-archives"><a href="/zh-CN/archives/" rel="section"><i class="fa fa-archive fa-fw"></i>归档</a></li><li class="menu-item menu-item-github"><a href="https://github.com/linanwx" rel="section" target="_blank"><i class="fab fa-github fa-fw"></i>github</a></li>
+  </ul>
+</nav>
+
+
+
+
+</header>
+
+
+  <aside class="sidebar">
+
+    <div class="sidebar-inner sidebar-overview-active">
+      <ul class="sidebar-nav">
+        <li class="sidebar-nav-toc">
+          文章目录
+        </li>
+        <li class="sidebar-nav-overview">
+          站点概览
+        </li>
+      </ul>
+
+      <div class="sidebar-panel-container">
+        <!--noindex-->
+        <div class="post-toc-wrap sidebar-panel">
+        </div>
+        <!--/noindex-->
+
+        <div class="site-overview-wrap sidebar-panel">
+          <div class="site-author animated" itemprop="author" itemscope itemtype="http://schema.org/Person">
+  <p class="site-author-name" itemprop="name">Nansen Li (李楠森)</p>
+  <div class="site-description" itemprop="description"></div>
+</div>
+<div class="site-state-wrap animated">
+  <nav class="site-state">
+      <div class="site-state-item site-state-posts">
+        <a href="/archives/">
+          <span class="site-state-item-count">8</span>
+          <span class="site-state-item-name">日志</span>
+        </a>
+      </div>
+      <div class="site-state-item site-state-tags">
+        <span class="site-state-item-count">7</span>
+        <span class="site-state-item-name">标签</span>
+      </div>
+  </nav>
+</div>
+
+        </div>
+      </div>
+    </div>
+
+
+  </aside>
+
+
+    </div>
+
+    <div class="main-inner tag posts-collapse">
+
+
+
+
+
+  <div class="post-block">
+    <div class="post-content">
+      <div class="collection-title">
+        <h1 class="collection-header">buffer overflow
+          <small>标签</small>
+        </h1>
+      </div>
+
+
+    <div class="collection-year">
+      <span class="collection-header">2024</span>
+    </div>
+
+  <article itemscope itemtype="http://schema.org/Article">
+    <header class="post-header">
+      <div class="post-meta-container">
+        <time itemprop="dateCreated"
+              datetime="2024-10-15T14:18:15+01:00"
+              content="2024-10-15">
+          10-15
+        </time>
+      </div>
+
+      <div class="post-title">
+          <a class="post-title-link" href="/en/post/2024/10/oboattact-md/" itemprop="url">
+            <span itemprop="name">Off-by-One Overflow Attack Analysis</span>
+          </a>
+      </div>
+
+
+    </header>
+  </article>
+
+    </div>
+  </div>
+
+
+
+
+</div>
+  </main>
+
+  <footer class="footer">
+    <div class="footer-inner">
+
+  <div class="copyright">
+    &copy; 
+    <span itemprop="copyrightYear">2024</span>
+    <span class="with-love">
+      <i class="fa fa-heart"></i>
+    </span>
+    <span class="author" itemprop="copyrightHolder">Nansen Li (李楠森)</span>
+  </div>
+  <div class="powered-by">由 <a href="https://hexo.io/" rel="noopener" target="_blank">Hexo</a> & <a href="https://theme-next.js.org/muse/" rel="noopener" target="_blank">NexT.Muse</a> 强力驱动
+  </div>
+
+    </div>
+  </footer>
+
+
+  <div class="toggle sidebar-toggle" role="button">
+    <span class="toggle-line"></span>
+    <span class="toggle-line"></span>
+    <span class="toggle-line"></span>
+  </div>
+  <div class="sidebar-dimmer"></div>
+  <div class="back-to-top" role="button" aria-label="返回顶部">
+    <i class="fa fa-arrow-up fa-lg"></i>
+    <span>0%</span>
+  </div>
+
+<noscript>
+  <div class="noscript-warning">Theme NexT works best with JavaScript enabled</div>
+</noscript>
+
+
+
+  <script src="https://cdnjs.cloudflare.com/ajax/libs/animejs/3.2.1/anime.min.js" integrity="sha256-XL2inqUJaslATFnHdJOi9GfQ60on8Wx1C2H8DYiN1xY=" crossorigin="anonymous"></script>
+<script src="/js/comments.js"></script><script src="/js/utils.js"></script><script src="/js/motion.js"></script><script src="/js/sidebar.js"></script><script src="/js/next-boot.js"></script>
+
+
+
+
+
+
+
+
+
+
+
+
+
+<script class="next-config" data-name="disqus" type="application/json">{"enable":true,"shortname":"nansenli","count":true,"i18n":{"disqus":"disqus"}}</script>
+<script src="/js/third-party/comments/disqus.js"></script>
+
+</body>
+</html>