调试工具rr

rr

学习日记0226

houseoflemon houseofstorm

学习日记0219

seethefile houseoforange

vm-Pwn

RoarCTF-ez_op ByteCTF-ezarch badblock

安洵杯 MIPS

MIPS 环境搭建 wp

湖湘杯 wp

HackNote和NameSystem的wp

how2heap总结

how2heap

巅峰极客 ichunqiu wp

Snote和Pwn的wp

RoarCTF wp

easypwn和realloc_magic的wp

overlap方法小结

本文不考虑和top合并, 并且大小非fastbin。实际做题的时候得要考虑top。 free时overlappoison_null_byteP(P是size被null的块)|Q 需要构造的点: 1231. chunksize(P) == prev_size (next_chunk(P)) //因为offbyone...