How to Implement a Website with MVC Architecture using PHP

The MVC Architecture, benefiting the developers maintaining and improving the web considerably, has becoming the trends and mature technique with numerous frameworks. The following slides is the simply intro and analysis about MVC using PHP (Laravel),  Hoping helps!
張貼留言

ROP Notes

[SOCAT]
$ socat TCP4-LISTEN:14952,fork EXEC:./ropme

[PWNTOOLS]

[PEDA]

[QIRA]
$ qira ./a.out
$ qira -s ./a.out
$ socat tcp-l:4000,reuseaddr,fork exec:"qira ./a.out"

[ROPgadget]

[GCC]
$ gcc -z execstack -fno-stack-protector -o ./ropme ./ropme.c # Cancel DEP and Stack Protector

[Core Dump Setting]
$ ulimit -c unlimited

[DEP Check]
$ readelf -l ./ropme

[ASLR Check]
$ echo 0 > /proc/sys/kernel/randomize_va_space
$ echo 2 > /proc/sys/kernel/randomize_va_space
$ cat /proc/[pid]/maps
$ ldd ./ropme

[Check Content]
$ objdump -s ./ropme
$ objdump -s -j .rodata ./ropme
$ string ./ropme

[PLT Function]
$ objdump -d -j .plt ./ropme

[GOT Table]
$ objdump -R ./ropme

[BSS Section Get]
$ objdump -H ./ropme
$ readelf -S ./ropme

[GDB Usages]
# Debug Core Dump
$ gdb -c <core_file> ./ropme
 (gdb) bt
 (gdb) bt full

$ gdb ./ropme
 (gdb) break main
 (gdb) run < payload
 (gdb) print system # print variable "system"
 (gdb) print __libc_start_main # print variable "__libc_start_main"
 (gdb) find 0xb7e393f0, +2200000, "/bin/sh" # find string in the memory
 (gdb) x/s 0xb7f81ff8 # print string of the memory
 (gdb) x/10s $esp-144 # print 10 strings on the address of "$esp-144"
 (gdb) x/1xg $rsp
 (gdb) x/4tb # Binary 1 bytes
 (gdb) x/5xh # Hex 2 bytes
 (gdb) x/6dw # Signed Digit 4 bytes
 (gdb) x/7ug # Unsigned Digit 8 bytes
 (gdb) list # list codes

留言

張貼留言