update: fix readme and append a chinese version. #1

Merged
merged 1 commit into from
Nov 8, 2016
56 changes: 56 additions & 0 deletions README-zh.md
@@ -0,0 +1,56 @@
# linux exploit development tutorial

## 这是什么?

这是面向新手的 linux exploit 开发指南.

测试机器是 ubuntu 14.04 的默认安装.

*其他语言阅读 readme: [English](README.md), [简体中文](README-zh.md).*

## 如何组织的?

### 第一章节: 基础至少

基础部分知识比如: 栈与堆分别是什么? c 语言如何转换成汇编? 内存布局是什么样的? ...

基础的安全知识如: 什么是堆栈溢出? 堆分配器是如何工作的?...

### 第二章节: 栈的安全

主要关注在现代 linux 上栈的安全防护机制及其绕过的常规套路.

### 第三章节: 堆的安全

主要关注在现代 linux 上 glibc 下堆的安全防护机制及其绕过的常规套路.

### 第四章节: 内核的安全

主要关注在现代 linux (2.6.32)及其以后版本的内核本身的安全机制与内核提供给用户态的安全机制.

### 第五章节: 漏洞发现

(WIP)

这个章节对我来说目前也是一个新领域.

## 如何修改和更新 ?

```shell
sudo dnf install texlive-\* -y
git clone git@github.com:hardenedlinux/linux_exploit_development_tutorial.git
cd linux_exploit_development_tutorial
make # preview
```

## 如何实践文档代码 ?

(WIP)

源代码会陆续放到`lab-code`目录中,其实更倾向于提供一个虚拟机镜像供下载.

...

## 版权

这个项目是以 <a href="http://creativecommons.org/licenses/by-sa/3.0/" target="_blank">知识共享署名-相同方式共享 3.0</a> 许可协议授权.
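
Review bot: The chapter 1 heading `### 第一章节: 基础至少` looks like a typo; README.md in this PR calls that chapter "Basic knowledge", so `基础知识` is probably what was meant. Separately, the build steps use `sudo dnf install texlive-\* -y` (dnf is the Fedora package manager) while the README states that the test machine is a default Ubuntu 14.04 install, so say explicitly that the dnf command is for the document build host rather than the lab machine. The `git@github.com:` clone URL also requires an SSH key registered with GitHub; an https clone URL would work for readers who do not have one.
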
30 changes: 18 additions & 12 deletions README.md
@@ -1,34 +1,40 @@
# linux exploit development tutorial

## what's this ?
## What's this ?

A series tutorial for linux exploit development to newbie.

## how to organize ?
The test machine is ubuntu 14.04 which was default install.

*Read this in other languages: [English](README.md), [简体中文](README-zh.md).*

## How to organize ?

### chapter 1: Basic knowledge

base knowledge like : what's stack and heap ? how convert c language to assembly language ? what's elf and memroy layout? etc..

base vulnerability problems like : what's is overflow and memory corruption ? how heap working ? etc...

### chapter 2: Stack security

we focus userspace stack security mechanism and bypass.
this chapter focus userspace stack security mechanism and bypass.

### chapter 3: Heap security

we focus userspace heap(ptmalloc2 of glibc) security mechanism and bypass.
this chapter focus the security mechanism of heap in modern linux.

### chapter 4: Kernel security

we focus kernel security mechanism for self and userland.
WIP...
this chapter focus the mechanism security of modern linux kernel (2.6.32) and later

### chapter 5: Vulnerability discovery

WIP...
(WIP)

## how to modify and update ?
this chapter is a new filed to me.

## How to modify and update ?

```shell
sudo dnf install texlive-\* -y
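
Review bot: In the chapter 3 description, the new wording `this chapter focus the security mechanism of heap in modern linux.` drops both the allocator name (ptmalloc2 of glibc) and the word "bypass" that the earlier line carried, while README-zh.md in this same PR still mentions glibc and bypass techniques for that chapter; keep them so both READMEs describe the same scope. The chapter 4 line likewise loses "for self and userland", which the Chinese text retains. Smaller wording fixes in this hunk: "this chapter focus" should be "this chapter focuses on" (chapters 2 to 4), "the mechanism security" should be "the security mechanisms", and "a new filed to me" should be "a new field to me".
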
@@ -37,12 +43,12 @@ cd linux_exploit_development_tutorial
make # preview
```

## how to hand on ?
## How to hand on ?

some source code in `lab-code`.
(WIP)

WIP...
some source code in `lab-code`.

## copyleft

CC-BY-NC-SA 4.0 Unported
This work is licensed under the <a href="http://creativecommons.org/licenses/by-sa/3.0/" target="_blank">Creative Commons Attribution-ShareAlike 3.0 Unported License</a>
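
Review bot: The copyleft section changes the license from `CC-BY-NC-SA 4.0 Unported` to Creative Commons Attribution-ShareAlike 3.0 Unported, which drops the NonCommercial term and moves from version 4.0 to 3.0, yet the PR title only mentions fixing the readme and adding a Chinese version. A license change should be stated in the commit message and confirmed by the maintainers before merging. Also in this hunk, the heading "How to hand on ?" would read better as "How to get hands-on?", and the license sentence is missing its closing period.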