Lecture 01:Bits,Bytes and Integer大端法与小端法对于0x01234567，最高有效为0x01，最低有效位为0x67 大端法： ··· 0x100 0x101 0x102 0x103 ··· ··· 01 23 45

Lecture 02: Floating point浮点数二进制小数与整数一样，个位代表$2^0$,那么小数点后的k位数就是$2^{-k}$。 对于$0.111…111_2$这样

Challenges_100-Week_3 Challenges Tricks pwnable.top-start shellcode pwnable.top-orw shellcode startida1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 push esp push offset _exit xor eax, eax xor ebx, ebx xor ecx, ecx xor edx, edx push 3A465443h push 20656874h push 20747261h push 74732073h push 2774654Ch mov ecx, esp ; addr mov dl, 14h ; len

unlink1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 /* Take a chunk off a bin list */ // unlink p #define unlink(AV, P, BK, FD) { if (__builtin_expect (chunksize(P) != prev_size (next_chunk(P)), 0)) malloc_printerr ("corrupted size vs. prev_size"); FD = P->fd; BK =

Challenges_100-Week_2 Challenges Tricks 攻防世界-4-ReeHY-main-100 ROP/unlink+double free 4-ReeHY-main-100checksec1 2 3 4 5 6 [*] '/home/niebelungen/Desktop/pwn/4-ReeHY-main-100/pwn' Arch: amd64-64-little RELRO: Partial RELRO Stack: No canary found NX: NX enabled PIE: No PIE (0x400000) IDA1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20

Challenges_100-Week_1 Challenges Tricks [攻防世界-Recho](# recho) Hack got+ROP+experience [攻防世界-supermarket](# supermarket) UAF+Hack got [攻防世界-hacknote](# hacknote) UAF 新的一年百题斩的

Lilac HIT本部的ctf战队Lilac的中秋活动，只有三道PWN。 PWN1checksec1 2 3 4 5 6 [*] '/home/giantbranch/Desktop/pwn/mid-autum-fun1/pwn' Arch: amd64-64-little RELRO: Partial RELRO Stack: No canary found NX: NX enabled PIE: No PIE (0x400000) ida向v7中写入v6大小的数