This is a white-box fuzzing challenge on libxml2 v2.9.2 whose goal is to reproduce CVE-2015-8317.
Congrats to QuiHao by the way, a brand new qemu 0day Orzzzz!!!
After all these frustrations due to the virus, I finally got back on the right track. American fuzzy lop (AFL) is a security-oriented fuzzer that employs a novel type of compile-time instrumentation and genetic algorithms to automatically discover clean, interesting test cases that trigger new internal states in the targeted binary.
Mirai is a high-performance bot library that runs on every platform and provides QQ protocol support. The project takes its name from Kuriyama Mirai (栗山未来) in the Kyoto Animation work 《境界的彼方》 (Beyond the Boundary). This article builds a chat bot on top of Mirai that bridges Minecraft and QQ; there are three requirements
CTF games have flourished in recent years. However, ever more GLIBC heap allocator exploit techniques are becoming boring and meaningless, especially in games held in China. Challenges are well designed and deliberately constructed to lead to one specific way of solving them, which drifts further and further away from real-world exploitation. These days I have started to aim more at the Linux kernel memory allocators, and I have gathered some information about the Buddy System and SLUB so far.
As in user mode, there are several mitigations against exploits in the Linux kernel. Here is a list of kernel-mode mitigations and methods to bypass some of them.