bakabtw/Cool-Y.github.io
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Site updated: 2019-07-01 17:27:59

Browse Source
This commit is contained in:
Cool-Y 2019-07-01 17:28:12 +08:00
parent 6dfe71a1fe
commit ebf1f75344
76 changed files with 4685 additions and 444 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
2000/01/01/hello-world/index.html
View File

@ -558,7 +558,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -651,7 +651,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
2018/11/16/BIBA访问控制模型实现(python)/index.html
View File

@ -730,7 +730,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -839,7 +839,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
2018/12/15/miio-control/index.html
View File

@ -632,7 +632,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -741,7 +741,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
2018/12/23/基于规则引擎发现IOT设备/index.html
View File

@ -632,7 +632,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -741,7 +741,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
2019/01/16/wifi半双工侧信道攻击学习笔记/index.html
View File

@ -760,7 +760,7 @@ Server -------wire----------|
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -869,7 +869,7 @@ Server -------wire----------|
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
2019/02/22/qq数据库的加密解密/index.html
View File

@ -609,7 +609,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -718,7 +718,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
2019/03/16/小米固件工具mkxqimage/index.html
View File

@ -616,7 +616,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -725,7 +725,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
2019/03/23/auto-send-WX/index.html
View File

@ -626,7 +626,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -735,7 +735,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
2019/03/25/Samba-CVE/index.html
View File

@ -651,7 +651,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -760,7 +760,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
2019/03/28/逆向工程实验/index.html
View File

@ -754,7 +754,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -863,7 +863,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
2019/04/15/Caving-db-storage/index.html
View File

@ -675,7 +675,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -784,7 +784,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
2019/04/21/XIAOMI-UPnP/index.html
View File

@ -798,7 +798,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -907,7 +907,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
2019/05/13/PE-file/index.html
View File

@ -718,7 +718,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -827,7 +827,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

43
2019/05/14/pack-and-unpack/index.html
View File

@ -97,7 +97,7 @@
<meta property="og:image" content="https://res.cloudinary.com/dozyfkbg3/image/upload/v1557837250/%E5%8A%A0%E5%A3%B3/9.png">
<meta property="og:image" content="https://res.cloudinary.com/dozyfkbg3/image/upload/v1557837519/%E5%8A%A0%E5%A3%B3/10.png">
<meta property="og:image" content="https://res.cloudinary.com/dozyfkbg3/image/upload/v1557837859/%E5%8A%A0%E5%A3%B3/11.png">
<meta property="og:updated_time" content="2019-05-17T08:21:24.916Z">
<meta property="og:updated_time" content="2019-05-18T06:52:27.207Z">
<meta name="twitter:card" content="summary">
<meta name="twitter:title" content="pack and unpack">
<meta name="twitter:description" content="壳是最早出现的一种专用加密软件技术。一些软件会采取加壳保护的方式。壳附加在原始程序上通过Windows加载器载入内存后先于原始程序执行以得到控制权在执行的过程中对原始程序进行解密还原然后把控制权还给原始程序执行原来的代码。加上外壳后原始程序在磁盘文件中一般是以加密后的形式存在的只在执行时在内存中还原。这样可以有效防止破解者对程序文件进行非法修改也可以防止程序被静态反编译。 壳的加">
@ -396,7 +396,7 @@
</span>
<span title="字数统计">
3.6k 字
4.3k 字
</span>
@ -410,7 +410,7 @@
</span>
<span title="阅读时长">
12 分钟
15 分钟
</span>
</div>
@ -443,14 +443,18 @@
<li>跳转到OEP</li>
</ol>
<h1 id="通用脱壳方法"><a href="#通用脱壳方法" class="headerlink" title="通用脱壳方法"></a>通用脱壳方法</h1><p>通常脱壳的基本步骤如下:<br>1:寻找OEP<br>2:转储(PS:传说中的dump)<br>3:修复IAT(修复导入表)<br>4:检查目标程序是否存在AntiDump等阻止程序被转储的保护措施,并尝试修复这些问题。<br>以上是脱壳的经典步骤,可能具体到不同的壳的话会有细微的差别。</p>
<h2 id="寻找OEP"><a href="#寻找OEP" class="headerlink" title="寻找OEP"></a>寻找OEP</h2><h3 id="搜索JMP或者CALL指令的机器码-即一步直达法-只适用于少数壳-包括UPX-ASPACK壳"><a href="#搜索JMP或者CALL指令的机器码-即一步直达法-只适用于少数壳-包括UPX-ASPACK壳" class="headerlink" title="搜索JMP或者CALL指令的机器码(即一步直达法,只适用于少数壳,包括UPX,ASPACK壳)"></a>搜索JMP或者CALL指令的机器码(即一步直达法,只适用于少数壳,包括UPX,ASPACK壳)</h3><p> 对于一些简单的壳可以用这种方式来定位OEP,但是对于像AsProtect这类强壳(PS:AsProtect在04年算是强壳了,嘿嘿)就不适用了,我们可以直接搜索长跳转JMP(0E9)或者CALL(0E8)这类长转移的机器码,一般情况下(理想情况)壳在解密完原程序各个区段以后,需要一个长JMP或者CALL跳转到原程序代码段中的OEP处开始执行原程序代码。按CTRL+B组合键搜索一下JMP的机器码E9(CTRL+L查看下一个,看看有没有这样一个JMP跳转到原程序的代码段。</p>
<h3 id="使用OllyDbg自带的功能定位OEP-SFX法"><a href="#使用OllyDbg自带的功能定位OEP-SFX法" class="headerlink" title="使用OllyDbg自带的功能定位OEP(SFX法)"></a>使用OllyDbg自带的功能定位OEP(SFX法)</h3><p>演示这种方法目标程序我们还是选择CRACKME UPX.EXE,用OD加载该程序,然后选择菜单项Options-Debugging options-SFX。该选项只有当OllyDbg发现壳的入口点位于代码段之外的时候才会起作用,壳的入口点位于代码段中的情况还是比较少见的。</p>
<h3 id="使用Patch过的OD来定位OEP-即内存映像法"><a href="#使用Patch过的OD来定位OEP-即内存映像法" class="headerlink" title="使用Patch过的OD来定位OEP(即内存映像法)"></a>使用Patch过的OD来定位OEP(即内存映像法)</h3><p>正常的内存访问断点读取,写入,执行的时候都会断下来,该Patch过的OD内存访问断点仅当执行的时候才会断下来,我们可以利用这一点来定位OEP。<br>UPX壳的解密例程会解密原程序的各个区段并将各个区段原始字节写回到原处,我们最好不要在解密区段的过程中断下来,说不定要断成千上万次才能到达OEP,这里有了这个Patch过的OD就方便多了,其内存访问断点仅当执行的时候才会断下来,当其在执行第一个区段中的代码时,基本上就可以断定是OEP了。</p>
<h3 id="堆栈平衡法-即ESP定律法"><a href="#堆栈平衡法-即ESP定律法" class="headerlink" title="堆栈平衡法(即ESP定律法)"></a>堆栈平衡法(即ESP定律法)</h3><p>这种方法适用于一些古老的壳。这些壳首先会使用PUSHAD指令保存寄存器环境,在解密各个区段完毕,跳往OEP之前,会使用POPAD指令恢复寄存器环境。<br>有的情况下保存寄存器环境可能不是第一条指令,但也在附近了,还有些情况下,有些壳不使用PUSHAD,而是逐一PUSH各个寄存器(例如:PUSH EAX,PUSH EBX等等),总而言之,在解密完区段,跳往OEP之前会恢复寄存器环境。<br>按F7键执行PUSHAD:可以看到各个寄存器的初始值被压入到堆栈中了,这里我们可以对这些初始值设置内存或者硬件访问断点,当解密例程读取这些初始值的时候就会断下来,断下来处基本上就在OEP附近了。<br>这里我们可以通过在ESP寄存器值上面单击鼠标右键选择-Follow in dump在数据窗口中定位到这些寄存器的初始值。对这些初始值的第一个字节或者前4个字节设置硬件访问断点。当壳的解密例程读取该值的时候断了下来停在popad的下一行,紧接着下面就是跳往OEP处,说明这个方法起作用了。</p>
<h3 id="VB应用程序定位OEP法-Native-或者-P-CODE"><a href="#VB应用程序定位OEP法-Native-或者-P-CODE" class="headerlink" title="VB应用程序定位OEP法(Native 或者 P-CODE)"></a>VB应用程序定位OEP法(Native 或者 P-CODE)</h3><p>定位VB程序的OEP比较容易,因为VB应用程序都有一个特点-开始都是一个PUSH指令,紧接着一个CALL指令调用一个VB API函数。我们可以使用Patch过的OD,首先定位到VB的动态库,接着给该动态库的代码段设置内存访问断点,<br>当壳的解密例程解密完原程序各个区段,接着就会断在VB DLL的第一条指令处,接着我们可以在堆栈中定位到返回地址,就可以来到OEP的下一条指令处。这里我们也可以使用前面介绍的方法-跟逐一给各个区段设置内存访问断点(使用Patch过的OD),但是很多壳会检测这种方法,所以大家可能根据需要不同的情况来尝试这不同的方法。这种方法很容易理解,我就不举例子了,以后大家如果遇到了VB程序可以试试这种方法。</p>
<h3 id="最后一次异常法"><a href="#最后一次异常法" class="headerlink" title="最后一次异常法"></a>最后一次异常法</h3><p>如果我们在脱壳的过程中发现目标程序产生大量异常的话,就可以使用最后一次异常法,将EXCEPTIONS菜单项中的忽略各个异常的选项都勾选上,运行起来。这里我们可以看到产生了好几处异常,但是都不是位于第一个区段,说明这些异常不是在原程序运行期间发生的,是在壳的解密例程执行期间产生的异常。重新启动OD,将EXCEPTIONS菜单项中忽略的异常选项的对勾都去掉,仅保留Ignore memory access violations in KERNEL32这个选项的对勾。按SHIFT + F9忽略异常继续运行,我们直到最后一次异常。<br>接着我们可以 <strong><em>对代码段设置内存访问断点</em></strong> ,可能有人会问,为什么不在一开始设置内存访问断点呢?原因是很多壳会检测程序在开始时是否自身被设置内存访问断点,如果执行到了最后一次异常处的话,很可能已经绕过了壳的检测时机!</p>
<h3 id="用壳最常用的API函数来定位OEP"><a href="#用壳最常用的API函数来定位OEP" class="headerlink" title="用壳最常用的API函数来定位OEP"></a>用壳最常用的API函数来定位OEP</h3><p>将忽略的异常选项都勾选上,我们来定位一下壳最常用的API函数,比如GetProcAddress,LoadLibrary。ExitThread有些壳会用。<br>使用bp GetProcAddress命令给该API函数设置一个断点。我们只需要知道壳在哪些地方调用GetProcAddress,所以我们在断下来的这一行上面单击鼠标右键选择-Breakpoint-Conditional log,来设置条件记录。将Pause program这一项勾选上Never,记录的表达式设置为[ESP],也就是记录返回地址,这样我们就能知道哪些地方调用GetProcAddress。接着在日志窗口中单击鼠标右键选择-Clear Log(清空日志)。运行起来,我们可以看到程序的主窗口弹了出来,打开日志窗口,看看最后一次GetProcAddress(排除掉第一个区段中调用的位置)是在哪里被调用的。<br>我们可以在 <strong><em>对代码段设置内存访问断点</em></strong> 之前尝试一下这种方法,这样就可以绕过很多壳对内存断点的检测,但是有一些壳也会对API函数断点进行检测,所以说我们需要各种方式都尝试一下,找到最合适的。</p>
<h3 id="利用应用程序调用的第一个API函数来定位OEP"><a href="#利用应用程序调用的第一个API函数来定位OEP" class="headerlink" title="利用应用程序调用的第一个API函数来定位OEP"></a>利用应用程序调用的第一个API函数来定位OEP</h3><h1 id="压缩壳"><a href="#压缩壳" class="headerlink" title="压缩壳"></a>压缩壳</h1><p>压缩壳的特点就是减小软件的体积加密保护不是重点。目前兼容性和稳定性较好的压缩壳有UPX、ASPack、PECompact等。</p>
<h2 id="寻找OEP"><a href="#寻找OEP" class="headerlink" title="寻找OEP"></a>寻找OEP</h2><ol>
<li>搜索JMP或者CALL指令的机器码(即一步直达法,只适用于少数壳,包括UPX,ASPACK壳)<br>对于一些简单的壳可以用这种方式来定位OEP,但是对于像AsProtect这类强壳(PS:AsProtect在04年算是强壳了,嘿嘿)就不适用了,我们可以直接搜索长跳转JMP(0E9)或者CALL(0E8)这类长转移的机器码,一般情况下(理想情况)壳在解密完原程序各个区段以后,需要一个长JMP或者CALL跳转到原程序代码段中的OEP处开始执行原程序代码。按CTRL+B组合键搜索一下JMP的机器码E9(CTRL+L查看下一个,看看有没有这样一个JMP跳转到原程序的代码段。</li>
<li>使用OllyDbg自带的功能定位OEP(SFX法)<br>演示这种方法目标程序我们还是选择CRACKME UPX.EXE,用OD加载该程序,然后选择菜单项Options-Debugging options-SFX。该选项只有当OllyDbg发现壳的入口点位于代码段之外的时候才会起作用,壳的入口点位于代码段中的情况还是比较少见的。</li>
<li>使用Patch过的OD来定位OEP(即内存映像法)<br>正常的内存访问断点读取,写入,执行的时候都会断下来,该Patch过的OD内存访问断点仅当执行的时候才会断下来,我们可以利用这一点来定位OEP。<br>UPX壳的解密例程会解密原程序的各个区段并将各个区段原始字节写回到原处,我们最好不要在解密区段的过程中断下来,说不定要断成千上万次才能到达OEP,这里有了这个Patch过的OD就方便多了,其内存访问断点仅当执行的时候才会断下来,当其在执行第一个区段中的代码时,基本上就可以断定是OEP了。</li>
<li>堆栈平衡法(即ESP定律法)<br>这种方法适用于一些古老的壳。这些壳首先会使用PUSHAD指令保存寄存器环境,在解密各个区段完毕,跳往OEP之前,会使用POPAD指令恢复寄存器环境。<br>有的情况下保存寄存器环境可能不是第一条指令,但也在附近了,还有些情况下,有些壳不使用PUSHAD,而是逐一PUSH各个寄存器(例如:PUSH EAX,PUSH EBX等等),总而言之,在解密完区段,跳往OEP之前会恢复寄存器环境。<br>按F7键执行PUSHAD:可以看到各个寄存器的初始值被压入到堆栈中了,这里我们可以对这些初始值设置内存或者硬件访问断点,当解密例程读取这些初始值的时候就会断下来,断下来处基本上就在OEP附近了。<br>这里我们可以通过在ESP寄存器值上面单击鼠标右键选择-Follow in dump在数据窗口中定位到这些寄存器的初始值。对这些初始值的第一个字节或者前4个字节设置硬件访问断点。当壳的解密例程读取该值的时候断了下来停在popad的下一行,紧接着下面就是跳往OEP处,说明这个方法起作用了。</li>
<li>VB应用程序定位OEP法(Native 或者 P-CODE)<br>定位VB程序的OEP比较容易,因为VB应用程序都有一个特点-开始都是一个PUSH指令,紧接着一个CALL指令调用一个VB API函数。我们可以使用Patch过的OD,首先定位到VB的动态库,接着给该动态库的代码段设置内存访问断点,<br>当壳的解密例程解密完原程序各个区段,接着就会断在VB DLL的第一条指令处,接着我们可以在堆栈中定位到返回地址,就可以来到OEP的下一条指令处。这里我们也可以使用前面介绍的方法-跟逐一给各个区段设置内存访问断点(使用Patch过的OD),但是很多壳会检测这种方法,所以大家可能根据需要不同的情况来尝试这不同的方法。这种方法很容易理解,我就不举例子了,以后大家如果遇到了VB程序可以试试这种方法。</li>
<li>最后一次异常法<br>如果我们在脱壳的过程中发现目标程序产生大量异常的话,就可以使用最后一次异常法,将EXCEPTIONS菜单项中的忽略各个异常的选项都勾选上,运行起来。这里我们可以看到产生了好几处异常,但是都不是位于第一个区段,说明这些异常不是在原程序运行期间发生的,是在壳的解密例程执行期间产生的异常。重新启动OD,将EXCEPTIONS菜单项中忽略的异常选项的对勾都去掉,仅保留Ignore memory access violations in KERNEL32这个选项的对勾。按SHIFT + F9忽略异常继续运行,我们直到最后一次异常。<br>接着我们可以 <strong><em>对代码段设置内存访问断点</em></strong> ,可能有人会问,为什么不在一开始设置内存访问断点呢?原因是很多壳会检测程序在开始时是否自身被设置内存访问断点,如果执行到了最后一次异常处的话,很可能已经绕过了壳的检测时机!</li>
<li>用壳最常用的API函数来定位OEP<br>将忽略的异常选项都勾选上,我们来定位一下壳最常用的API函数,比如GetProcAddress,LoadLibrary。ExitThread有些壳会用。<br>使用bp GetProcAddress命令给该API函数设置一个断点。我们只需要知道壳在哪些地方调用GetProcAddress,所以我们在断下来的这一行上面单击鼠标右键选择-Breakpoint-Conditional log,来设置条件记录。将Pause program这一项勾选上Never,记录的表达式设置为[ESP],也就是记录返回地址,这样我们就能知道哪些地方调用GetProcAddress。接着在日志窗口中单击鼠标右键选择-Clear Log(清空日志)。运行起来,我们可以看到程序的主窗口弹了出来,打开日志窗口,看看最后一次GetProcAddress(排除掉第一个区段中调用的位置)是在哪里被调用的。<br>我们可以在 <strong><em>对代码段设置内存访问断点</em></strong> 之前尝试一下这种方法,这样就可以绕过很多壳对内存断点的检测,但是有一些壳也会对API函数断点进行检测,所以说我们需要各种方式都尝试一下,找到最合适的。</li>
<li>利用应用程序调用的第一个API函数来定位OEP</li>
</ol>
<h2 id="IAT表修复"><a href="#IAT表修复" class="headerlink" title="IAT表修复"></a>IAT表修复</h2><p>为了确保操作系统将正确的API函数地址填充到IAT中,应该满足一下几点要求:<br>1:可执行文件各IAT项所在的文件偏移处必须是一个指针,指向一个字符串。<br>2:该字符串为API函数的名称。<br>如果这两项满足,就可以确保程序在启动时,操作系统会将正确的API函数地址填充到IAT中。<br>假如,我们当前位于被加壳程序的OEP处,我们接下来可以将程序dump出来,但是在dump之前我们必须修复IAT,为什么要修复IAT呢?难道壳将IAT破坏了吗?对,的确是这样,壳压根不需要原程序的IAT,因为被加壳程序首先会执行解密例程,读取IAT中所需要的API的名称指针,然后定位到API函数地址,将其填入到IAT中,这个时候,IAT中已经被填充了正确的API函数地址,对应的API函数名称的字符串已经不需要了,可以清除掉。<br>大部分的壳会将API函数名称对应的字符串以密文的形式保存到某个地址处,让Cracker们不能那么容易找到它们。</p>
<h1 id="压缩壳"><a href="#压缩壳" class="headerlink" title="压缩壳"></a>压缩壳</h1><p>压缩壳的特点就是减小软件的体积加密保护不是重点。目前兼容性和稳定性较好的压缩壳有UPX、ASPack、PECompact等。</p>
<h2 id="UPX"><a href="#UPX" class="headerlink" title="UPX"></a><a href="https://upx.github.io/" target="_blank" rel="noopener">UPX</a></h2><p>UPX-the Ultimate Packer for eXecutables是以命令行方式操作的可执行文件压缩程序。<br>UPX早期的压缩引擎是有UPX自己实现的其3.x版本也支持LZMA第三方压缩引擎。UPX除了对目标程序进行压缩也可以解压缩。它不包含任何反调试或保护策略。另外UPX保护工具UPXPR、UPX-sCRAMBLER等可修改UPX加壳标志使其自解压功能失效。<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">Usage: upx [-123456789dlthVL] [-qvfk] [-o file] file</span><br></pre></td></tr></table></figure></p>
<h3 id="识别UPX加壳"><a href="#识别UPX加壳" class="headerlink" title="识别UPX加壳"></a>识别UPX加壳</h3><p>被加壳程序:点击按钮之后弹框</p>
<ol>
@ -470,8 +474,11 @@
</li>
</ol>
<h3 id="UPX手动脱壳"><a href="#UPX手动脱壳" class="headerlink" title="UPX手动脱壳"></a>UPX手动脱壳</h3><p>根据 <strong><em>栈平衡原理</em></strong> 寻找OEP<br>在编写加壳软件时必须保证外壳初始化的现场环境各寄存器值与原程序的现场环境相同。因此加壳程序在初始化时保存各寄存器的值待外壳执行完毕后恢复寄存器的内容最后跳转到原程序执行。通常用pushadpush eax/ecx/edx/ebx/esp/ebp/esi/edi、popad来保存和恢复现场环境。<br>首先用Ollydbg加载已加壳的程序起始代码如下<br><img src="https://res.cloudinary.com/dozyfkbg3/image/upload/v1557836854/%E5%8A%A0%E5%A3%B3/7.png" alt><br>此时现场环境(寄存器值)如下:<br><img src="https://res.cloudinary.com/dozyfkbg3/image/upload/v1557837144/%E5%8A%A0%E5%A3%B3/8.png" alt><br>在执行pushad指令后寄存器的值被压入栈中如下所示<br><img src="https://res.cloudinary.com/dozyfkbg3/image/upload/v1557837250/%E5%8A%A0%E5%A3%B3/9.png" alt><br>此时esp指向12FFA4h对这个地址设置硬件访问断点然后运行程序在调用popad恢复现场环境时会访问12FFA4h造成中断此时离OEP已经不远了<br><img src="https://res.cloudinary.com/dozyfkbg3/image/upload/v1557837519/%E5%8A%A0%E5%A3%B3/10.png" alt><br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">005B5155 .- E9 9506F4FF jmp carckUPX.004F57EF</span><br></pre></td></tr></table></figure></p>
<p>即为跳转到OEP的指令设置断点跟进到004F57EF<br>然后就可以使用Ollydump进行程序脱壳和IAT表修复。<br><img src="https://res.cloudinary.com/dozyfkbg3/image/upload/v1557837859/%E5%8A%A0%E5%A3%B3/11.png" alt></p>
<p>使用PEiD检查果然壳已经脱掉</p>
<p>即为跳转到OEP的指令设置断点跟进到004F57EF此时我们就来到了OEP。<br>dump和修复IAT表的工具很多。</p>
<ol>
<li>使用Ollydump进行程序脱壳和IAT表修复。<br><img src="https://res.cloudinary.com/dozyfkbg3/image/upload/v1557837859/%E5%8A%A0%E5%A3%B3/11.png" alt><br>使用PEiD检查果然壳已经脱掉</li>
<li>使用PETools dump和Import Reconstruct修复IAT<br>使用PETools出来的程序不能运行提示win32无法识别这是因为IAT表没有重建。<br>使用Import Reconstruct需要知道IAT表的起始位置。<br>我们知道API函数的调用通常是通过间接跳转或者间接CALL来实现的。<br>即JMP [XXXXXXX] or CALL [XXXXXX]这样是直接调用IAT中保存的API函数地址。<br>首先定位到获取IAT中函数地址的跳转表,这里就是该程序将要调用到的一些API函数,我们可以看到这些跳转指令的都是以机器码FF 25开头的,有些教程里面说直接搜索二进制FF 25就可以快速的定位该跳表。<br>看到整个IAT后,我们直接下拉到IAT的尾部,我们知道属于同一个动态库的API函数地址都是连续存放的,不同的动态库函数地址列表是用零隔开的。<br>Import REConstructor重建IAT需要三项指标:<br>1)IAT的起始地址,这里是403184,减去映像基址400000就得到了3184(RVA:相对虚拟地址)。<br>2)IAT的大小<br>IAT的大小 = 40328C - 403184 = 108(十六进制)<br>3)OEP = 401000(虚拟地址)- 映像基址400000 = 1000(OEP的RVA)。</li>
</ol>
<h2 id="ASPack"><a href="#ASPack" class="headerlink" title="ASPack"></a><a href="http://www.aspack.com/" target="_blank" rel="noopener">ASPack</a></h2><p>ASPack是一款Win32可执行文件压缩软件可压缩Win32可执行文件EXE、DLL、OCX具有很高的兼容性和稳定性。</p>
<h1 id="加密壳"><a href="#加密壳" class="headerlink" title="加密壳"></a>加密壳</h1><p>加密壳种类较多,一些壳只保护程序,另一些壳提供额外的功能如注册、使用次数、时间限制。越有名的加密壳,其破解可能性越大。</p>
<h2 id="ASProtect"><a href="#ASProtect" class="headerlink" title="ASProtect"></a>ASProtect</h2><p>这个壳在pack界当选老大是毫无异议的当然这里的老大不仅指它的加密强度而是在于它开创了壳的新时代SEH,BPM断点的清除都出自这里更为有名的当属RSA的使用使得Demo版无法被crack成完整版本,code_dips也源于这里。IAT的处理即使到到现在看来也是很强的。他的特长在于各种加密算法的运用这也是各种壳要学习的地方。<br>它可以压缩、加密、反跟踪代码、CRC校验和花指令等保护措施。<br>使用Blowfish、Twofish、TEA等加密算法以RSA1024为注册密钥生成器通过API钩子与加壳程序通信。<br>ASProtect为软件开发人员提供了SDK从而实现了加密程序的内外结合。<br>ASProtect 1.x系列低版本用Stripper工具可自动脱壳。ASProtect的SKE系列主要在protect OEP和SDK上采用了虚拟机技术。</p>
@ -545,6 +552,10 @@
<div class="post-nav-prev post-nav-item">
<a href="/2019/07/01/AFL-first-learn/" rel="prev" title="AFL初探">
AFL初探 <i class="fa fa-chevron-right"></i>
</a>
</div>
</div>
@ -629,7 +640,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -706,7 +717,7 @@
<div class="post-toc-content"><ol class="nav"><li class="nav-item nav-level-1"><a class="nav-link" href="#壳的加载过程"><span class="nav-number">1.</span> <span class="nav-text">壳的加载过程</span></a></li><li class="nav-item nav-level-1"><a class="nav-link" href="#通用脱壳方法"><span class="nav-number">2.</span> <span class="nav-text">通用脱壳方法</span></a><ol class="nav-child"><li class="nav-item nav-level-2"><a class="nav-link" href="#寻找OEP"><span class="nav-number">2.1.</span> <span class="nav-text">寻找OEP</span></a><ol class="nav-child"><li class="nav-item nav-level-3"><a class="nav-link" href="#搜索JMP或者CALL指令的机器码-即一步直达法-只适用于少数壳-包括UPX-ASPACK壳"><span class="nav-number">2.1.1.</span> <span class="nav-text">搜索JMP或者CALL指令的机器码(即一步直达法,只适用于少数壳,包括UPX,ASPACK壳)</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#使用OllyDbg自带的功能定位OEP-SFX法"><span class="nav-number">2.1.2.</span> <span class="nav-text">使用OllyDbg自带的功能定位OEP(SFX法)</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#使用Patch过的OD来定位OEP-即内存映像法"><span class="nav-number">2.1.3.</span> <span class="nav-text">使用Patch过的OD来定位OEP(即内存映像法)</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#堆栈平衡法-即ESP定律法"><span class="nav-number">2.1.4.</span> <span class="nav-text">堆栈平衡法(即ESP定律法)</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#VB应用程序定位OEP法-Native-或者-P-CODE"><span class="nav-number">2.1.5.</span> <span class="nav-text">VB应用程序定位OEP法(Native 或者 P-CODE)</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#最后一次异常法"><span class="nav-number">2.1.6.</span> <span class="nav-text">最后一次异常法</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#用壳最常用的API函数来定位OEP"><span class="nav-number">2.1.7.</span> <span class="nav-text">用壳最常用的API函数来定位OEP</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#利用应用程序调用的第一个API函数来定位OEP"><span class="nav-number">2.1.8.</span> <span class="nav-text">利用应用程序调用的第一个API函数来定位OEP</span></a></li></ol></li></ol></li><li class="nav-item nav-level-1"><a class="nav-link" href="#压缩壳"><span class="nav-number">3.</span> <span class="nav-text">压缩壳</span></a><ol class="nav-child"><li class="nav-item nav-level-2"><a class="nav-link" href="#UPX"><span class="nav-number">3.1.</span> <span class="nav-text">UPX</span></a><ol class="nav-child"><li class="nav-item nav-level-3"><a class="nav-link" href="#识别UPX加壳"><span class="nav-number">3.1.1.</span> <span class="nav-text">识别UPX加壳</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#UPX手动脱壳"><span class="nav-number">3.1.2.</span> <span class="nav-text">UPX手动脱壳</span></a></li></ol></li><li class="nav-item nav-level-2"><a class="nav-link" href="#ASPack"><span class="nav-number">3.2.</span> <span class="nav-text">ASPack</span></a></li></ol></li><li class="nav-item nav-level-1"><a class="nav-link" href="#加密壳"><span class="nav-number">4.</span> <span class="nav-text">加密壳</span></a><ol class="nav-child"><li class="nav-item nav-level-2"><a class="nav-link" href="#ASProtect"><span class="nav-number">4.1.</span> <span class="nav-text">ASProtect</span></a><ol class="nav-child"><li class="nav-item nav-level-3"><a class="nav-link" href="#加密后的特征"><span class="nav-number">4.1.1.</span> <span class="nav-text">加密后的特征</span></a></li></ol></li></ol></li></ol></div>
<div class="post-toc-content"><ol class="nav"><li class="nav-item nav-level-1"><a class="nav-link" href="#壳的加载过程"><span class="nav-number">1.</span> <span class="nav-text">壳的加载过程</span></a></li><li class="nav-item nav-level-1"><a class="nav-link" href="#通用脱壳方法"><span class="nav-number">2.</span> <span class="nav-text">通用脱壳方法</span></a><ol class="nav-child"><li class="nav-item nav-level-2"><a class="nav-link" href="#寻找OEP"><span class="nav-number">2.1.</span> <span class="nav-text">寻找OEP</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#IAT表修复"><span class="nav-number">2.2.</span> <span class="nav-text">IAT表修复</span></a></li></ol></li><li class="nav-item nav-level-1"><a class="nav-link" href="#压缩壳"><span class="nav-number">3.</span> <span class="nav-text">压缩壳</span></a><ol class="nav-child"><li class="nav-item nav-level-2"><a class="nav-link" href="#UPX"><span class="nav-number">3.1.</span> <span class="nav-text">UPX</span></a><ol class="nav-child"><li class="nav-item nav-level-3"><a class="nav-link" href="#识别UPX加壳"><span class="nav-number">3.1.1.</span> <span class="nav-text">识别UPX加壳</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#UPX手动脱壳"><span class="nav-number">3.1.2.</span> <span class="nav-text">UPX手动脱壳</span></a></li></ol></li><li class="nav-item nav-level-2"><a class="nav-link" href="#ASPack"><span class="nav-number">3.2.</span> <span class="nav-text">ASPack</span></a></li></ol></li><li class="nav-item nav-level-1"><a class="nav-link" href="#加密壳"><span class="nav-number">4.</span> <span class="nav-text">加密壳</span></a><ol class="nav-child"><li class="nav-item nav-level-2"><a class="nav-link" href="#ASProtect"><span class="nav-number">4.1.</span> <span class="nav-text">ASProtect</span></a><ol class="nav-child"><li class="nav-item nav-level-3"><a class="nav-link" href="#加密后的特征"><span class="nav-number">4.1.1.</span> <span class="nav-text">加密后的特征</span></a></li></ol></li></ol></li></ol></div>
</div>
@ -738,7 +749,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

1661
2019/07/01/AFL-first-learn/index.html Normal file
View File

File diff suppressed because one or more lines are too long

4
about/index.html
View File

@ -367,7 +367,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -460,7 +460,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

6
archives/2000/01/index.html
View File

@ -299,7 +299,7 @@
嗯..! 目前共计 14 篇日志。 继续努力。
嗯..! 目前共计 15 篇日志。 继续努力。
</span>
@ -397,7 +397,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -490,7 +490,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

6
archives/2000/index.html
View File

@ -299,7 +299,7 @@
嗯..! 目前共计 14 篇日志。 继续努力。
嗯..! 目前共计 15 篇日志。 继续努力。
</span>
@ -397,7 +397,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -490,7 +490,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

6
archives/2018/11/index.html
View File

@ -299,7 +299,7 @@
嗯..! 目前共计 14 篇日志。 继续努力。
嗯..! 目前共计 15 篇日志。 继续努力。
</span>
@ -397,7 +397,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -490,7 +490,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

6
archives/2018/12/index.html
View File

@ -299,7 +299,7 @@
嗯..! 目前共计 14 篇日志。 继续努力。
嗯..! 目前共计 15 篇日志。 继续努力。
</span>
@ -432,7 +432,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -525,7 +525,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

6
archives/2018/index.html
View File

@ -299,7 +299,7 @@
嗯..! 目前共计 14 篇日志。 继续努力。
嗯..! 目前共计 15 篇日志。 继续努力。
</span>
@ -467,7 +467,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -560,7 +560,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

6
archives/2019/01/index.html
View File

@ -299,7 +299,7 @@
嗯..! 目前共计 14 篇日志。 继续努力。
嗯..! 目前共计 15 篇日志。 继续努力。
</span>
@ -397,7 +397,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -490,7 +490,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

6
archives/2019/02/index.html
View File

@ -299,7 +299,7 @@
嗯..! 目前共计 14 篇日志。 继续努力。
嗯..! 目前共计 15 篇日志。 继续努力。
</span>
@ -397,7 +397,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -490,7 +490,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

6
archives/2019/03/index.html
View File

@ -299,7 +299,7 @@
嗯..! 目前共计 14 篇日志。 继续努力。
嗯..! 目前共计 15 篇日志。 继续努力。
</span>
@ -502,7 +502,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -595,7 +595,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

6
archives/2019/04/index.html
View File

@ -299,7 +299,7 @@
嗯..! 目前共计 14 篇日志。 继续努力。
嗯..! 目前共计 15 篇日志。 继续努力。
</span>
@ -432,7 +432,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -525,7 +525,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

6
archives/2019/05/index.html
View File

@ -299,7 +299,7 @@
嗯..! 目前共计 14 篇日志。 继续努力。
嗯..! 目前共计 15 篇日志。 继续努力。
</span>
@ -432,7 +432,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -525,7 +525,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

1145
archives/2019/07/index.html Normal file
View File

File diff suppressed because it is too large Load Diff

80
archives/2019/index.html
View File

@ -299,7 +299,7 @@
嗯..! 目前共计 14 篇日志。 继续努力。
嗯..! 目前共计 15 篇日志。 继续努力。
</span>
@ -318,6 +318,41 @@
<article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
<header class="post-header">
<h2 class="post-title">
<a class="post-title-link" href="/2019/07/01/AFL-first-learn/" itemprop="url">
<span itemprop="name">AFL初探</span>
</a>
</h2>
<div class="post-meta">
<time class="post-time" itemprop="dateCreated" datetime="2019-07-01T17:25:36+08:00" content="2019-07-01">
07-01
</time>
</div>
</header>
</article>
<article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
<header class="post-header">
@ -624,41 +659,6 @@
<article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
<header class="post-header">
<h2 class="post-title">
<a class="post-title-link" href="/2019/01/16/wifi半双工侧信道攻击学习笔记/" itemprop="url">
<span itemprop="name">wifi半双工侧信道攻击学习笔记</span>
</a>
</h2>
<div class="post-meta">
<time class="post-time" itemprop="dateCreated" datetime="2019-01-16T15:35:27+08:00" content="2019-01-16">
01-16
</time>
</div>
</header>
</article>
</div>
</div>
@ -666,6 +666,10 @@
<nav class="pagination">
<span class="page-number current">1</span><a class="page-number" href="/archives/2019/page/2/">2</a><a class="extend next" rel="next" href="/archives/2019/page/2/"><i class="fa fa-angle-right"></i></a>
</nav>
@ -712,7 +716,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -805,7 +809,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

1149
archives/2019/page/2/index.html Normal file
View File

File diff suppressed because it is too large Load Diff

76
archives/index.html
View File

@ -299,7 +299,7 @@
嗯..! 目前共计 14 篇日志。 继续努力。
嗯..! 目前共计 15 篇日志。 继续努力。
</span>
@ -318,6 +318,41 @@
<article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
<header class="post-header">
<h2 class="post-title">
<a class="post-title-link" href="/2019/07/01/AFL-first-learn/" itemprop="url">
<span itemprop="name">AFL初探</span>
</a>
</h2>
<div class="post-meta">
<time class="post-time" itemprop="dateCreated" datetime="2019-07-01T17:25:36+08:00" content="2019-07-01">
07-01
</time>
</div>
</header>
</article>
<article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
<header class="post-header">
@ -624,41 +659,6 @@
<article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
<header class="post-header">
<h2 class="post-title">
<a class="post-title-link" href="/2019/01/16/wifi半双工侧信道攻击学习笔记/" itemprop="url">
<span itemprop="name">wifi半双工侧信道攻击学习笔记</span>
</a>
</h2>
<div class="post-meta">
<time class="post-time" itemprop="dateCreated" datetime="2019-01-16T15:35:27+08:00" content="2019-01-16">
01-16
</time>
</div>
</header>
</article>
</div>
</div>
@ -716,7 +716,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -809,7 +809,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

46
archives/page/2/index.html
View File

@ -299,7 +299,7 @@
嗯..! 目前共计 14 篇日志。 继续努力。
嗯..! 目前共计 15 篇日志。 继续努力。
</span>
@ -310,6 +310,46 @@
<div class="collection-title">
<h1 class="archive-year" id="archive-year-2019">2019</h1>
</div>
<article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
<header class="post-header">
<h2 class="post-title">
<a class="post-title-link" href="/2019/01/16/wifi半双工侧信道攻击学习笔记/" itemprop="url">
<span itemprop="name">wifi半双工侧信道攻击学习笔记</span>
</a>
</h2>
<div class="post-meta">
<time class="post-time" itemprop="dateCreated" datetime="2019-01-16T15:35:27+08:00" content="2019-01-16">
01-16
</time>
</div>
</header>
</article>
<div class="collection-title">
<h1 class="archive-year" id="archive-year-2018">2018</h1>
</div>
@ -511,7 +551,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -604,7 +644,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
baidu_urls.txt
View File

@ -1,5 +1,5 @@
https://cool-y.github.io/2019/07/01/AFL-first-learn/
https://cool-y.github.io/2019/05/14/pack-and-unpack/
https://cool-y.github.io/2019/05/13/PE-file/
https://cool-y.github.io/2019/04/21/XIAOMI-UPnP/
https://cool-y.github.io/2019/04/15/Caving-db-storage/
https://cool-y.github.io/2019/03/28/逆向工程实验/
https://cool-y.github.io/2019/04/15/Caving-db-storage/

13
baidusitemap.xml
View File

@ -1,8 +1,11 @@
<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
<url>
<loc>https://cool-y.github.io/2019/07/01/AFL-first-learn/</loc>
<lastmod>2019-07-01</lastmod>
</url> <url>
<loc>https://cool-y.github.io/2019/05/14/pack-and-unpack/</loc>
<lastmod>2019-05-17</lastmod>
<lastmod>2019-05-18</lastmod>
</url> <url>
<loc>https://cool-y.github.io/2019/05/13/PE-file/</loc>
<lastmod>2019-05-13</lastmod>
@ -21,9 +24,6 @@
</url> <url>
<loc>https://cool-y.github.io/2019/03/16/%E5%B0%8F%E7%B1%B3%E5%9B%BA%E4%BB%B6%E5%B7%A5%E5%85%B7mkxqimage/</loc>
<lastmod>2019-04-15</lastmod>
</url> <url>
<loc>https://cool-y.github.io/2019/02/22/qq%E6%95%B0%E6%8D%AE%E5%BA%93%E7%9A%84%E5%8A%A0%E5%AF%86%E8%A7%A3%E5%AF%86/</loc>
<lastmod>2019-04-15</lastmod>
</url> <url>
<loc>https://cool-y.github.io/2019/01/16/wifi%E5%8D%8A%E5%8F%8C%E5%B7%A5%E4%BE%A7%E4%BF%A1%E9%81%93%E6%94%BB%E5%87%BB%E5%AD%A6%E4%B9%A0%E7%AC%94%E8%AE%B0/</loc>
<lastmod>2019-04-15</lastmod>
@ -31,11 +31,14 @@
<loc>https://cool-y.github.io/2018/12/15/miio-control/</loc>
<lastmod>2019-04-15</lastmod>
</url> <url>
<loc>https://cool-y.github.io/2019/03/23/auto-send-WX/</loc>
<loc>https://cool-y.github.io/2019/02/22/qq%E6%95%B0%E6%8D%AE%E5%BA%93%E7%9A%84%E5%8A%A0%E5%AF%86%E8%A7%A3%E5%AF%86/</loc>
<lastmod>2019-04-15</lastmod>
</url> <url>
<loc>https://cool-y.github.io/2000/01/01/hello-world/</loc>
<lastmod>2019-04-15</lastmod>
</url> <url>
<loc>https://cool-y.github.io/2019/03/23/auto-send-WX/</loc>
<lastmod>2019-04-15</lastmod>
</url> <url>
<loc>https://cool-y.github.io/2019/03/25/Samba-CVE/</loc>
<lastmod>2019-04-15</lastmod>

4
bookmarks/index.html
View File

@ -403,7 +403,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -512,7 +512,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
categories/IOT/index.html
View File

@ -456,7 +456,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -549,7 +549,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

6
categories/index.html
View File

@ -311,7 +311,7 @@
目前共计 6 个分类
</div>
<div class="category-all">
<ul class="category-list"><li class="category-list-item"><a class="category-list-link" href="/categories/IOT/">IOT</a><span class="category-list-count">4</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/二进制/">二进制</a><span class="category-list-count">2</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/加密解密/">加密解密</a><span class="category-list-count">1</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/杂七杂八/">杂七杂八</a><span class="category-list-count">1</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/理论学习/">理论学习</a><span class="category-list-count">1</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/顶会论文/">顶会论文</a><span class="category-list-count">3</span></li></ul>
<ul class="category-list"><li class="category-list-item"><a class="category-list-link" href="/categories/IOT/">IOT</a><span class="category-list-count">4</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/二进制/">二进制</a><span class="category-list-count">3</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/加密解密/">加密解密</a><span class="category-list-count">1</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/杂七杂八/">杂七杂八</a><span class="category-list-count">1</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/理论学习/">理论学习</a><span class="category-list-count">1</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/顶会论文/">顶会论文</a><span class="category-list-count">3</span></li></ul>
</div>
</div>
@ -369,7 +369,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -462,7 +462,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

30
categories/二进制/index.html
View File

@ -300,6 +300,32 @@
<article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
<header class="post-header">
<h2 class="post-title">
<a class="post-title-link" href="/2019/07/01/AFL-first-learn/" itemprop="url">
<span itemprop="name">AFL初探</span>
</a>
</h2>
<div class="post-meta">
<time class="post-time" itemprop="dateCreated" datetime="2019-07-01T17:25:36+08:00" content="2019-07-01">
07-01
</time>
</div>
</header>
</article>
<article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
<header class="post-header">
@ -404,7 +430,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -497,7 +523,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
categories/加密解密/index.html
View File

@ -378,7 +378,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -471,7 +471,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
categories/杂七杂八/index.html
View File

@ -378,7 +378,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -471,7 +471,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
categories/理论学习/index.html
View File

@ -378,7 +378,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -471,7 +471,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
categories/顶会论文/index.html
View File

@ -430,7 +430,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -523,7 +523,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

2
css/main.css
View File

@ -1943,7 +1943,7 @@ pre .javascript .function {
width: 4px;
height: 4px;
border-radius: 50%;
background: #81ffde;
background: #fbc9ff;
}
.links-of-blogroll {
font-size: 13px;

384
index.html
View File

@ -296,6 +296,193 @@
<article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
<div class="post-block">
<link itemprop="mainEntityOfPage" href="https://cool-y.github.io/2019/07/01/AFL-first-learn/">
<span hidden itemprop="author" itemscope itemtype="http://schema.org/Person">
<meta itemprop="name" content="Cool-Y">
<meta itemprop="description" content>
<meta itemprop="image" content="/images/avatar.png">
</span>
<span hidden itemprop="publisher" itemscope itemtype="http://schema.org/Organization">
<meta itemprop="name" content="混元霹雳手">
</span>
<header class="post-header">
<h1 class="post-title" itemprop="name headline">
<a class="post-title-link" href="/2019/07/01/AFL-first-learn/" itemprop="url">AFL初探</a></h1>
<div class="post-meta">
<span class="post-time">
<span class="post-meta-item-icon">
<i class="fa fa-calendar-o"></i>
</span>
<span class="post-meta-item-text">发表于</span>
<time title="创建于" itemprop="dateCreated datePublished" datetime="2019-07-01T17:25:36+08:00">
2019-07-01
</time>
</span>
<span class="post-category">
<span class="post-meta-divider">|</span>
<span class="post-meta-item-icon">
<i class="fa fa-folder-o"></i>
</span>
<span class="post-meta-item-text">分类于</span>
<span itemprop="about" itemscope itemtype="http://schema.org/Thing">
<a href="/categories/二进制/" itemprop="url" rel="index">
<span itemprop="name">二进制</span>
</a>
</span>
</span>
<span id="/2019/07/01/AFL-first-learn/" class="leancloud_visitors" data-flag-title="AFL初探">
<span class="post-meta-divider">|</span>
<span class="post-meta-item-icon">
<i class="fa fa-eye"></i>
</span>
<span class="post-meta-item-text">阅读次数&#58;</span>
<span class="leancloud-visitors-count"></span>
</span>
<div class="post-wordcount">
<span class="post-meta-item-icon">
<i class="fa fa-file-word-o"></i>
</span>
<span title="字数统计">
11.3k 字
</span>
<span class="post-meta-divider">|</span>
<span class="post-meta-item-icon">
<i class="fa fa-clock-o"></i>
</span>
<span title="阅读时长">
42 分钟
</span>
</div>
</div>
</header>
<div class="post-body" itemprop="articleBody">
接触这个词语已经有一年了但还没有学习过更没有上手实践过正好趁这个机会好好弄弄AFL。提起模糊测试我们总会联想起这样或那样的专业术语——测试用例、代码覆盖率、执行路径等等你可能和我一样一头雾水这次我们就来看个明白
0x01 模糊测试首先模糊测试Fuzzing是一种测试手段它把系统看成
...
<!--noindex-->
<div class="post-button text-center">
<a class="btn" href="/2019/07/01/AFL-first-learn/#more" rel="contents">
阅读全文 &raquo;
</a>
</div>
<!--/noindex-->
</div>
<footer class="post-footer">
<div class="post-eof"></div>
</footer>
</div>
</article>
<article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
@ -373,7 +560,7 @@
</span>
<span title="字数统计">
3.6k 字
4.3k 字
</span>
@ -387,7 +574,7 @@
</span>
<span title="阅读时长">
12 分钟
15 分钟
</span>
</div>
@ -1966,195 +2153,6 @@ WinDbg
<footer class="post-footer">
<div class="post-eof"></div>
</footer>
</div>
</article>
<article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
<div class="post-block">
<link itemprop="mainEntityOfPage" href="https://cool-y.github.io/2019/01/16/wifi半双工侧信道攻击学习笔记/">
<span hidden itemprop="author" itemscope itemtype="http://schema.org/Person">
<meta itemprop="name" content="Cool-Y">
<meta itemprop="description" content>
<meta itemprop="image" content="/images/avatar.png">
</span>
<span hidden itemprop="publisher" itemscope itemtype="http://schema.org/Organization">
<meta itemprop="name" content="混元霹雳手">
</span>
<header class="post-header">
<h1 class="post-title" itemprop="name headline">
<a class="post-title-link" href="/2019/01/16/wifi半双工侧信道攻击学习笔记/" itemprop="url">wifi半双工侧信道攻击学习笔记</a></h1>
<div class="post-meta">
<span class="post-time">
<span class="post-meta-item-icon">
<i class="fa fa-calendar-o"></i>
</span>
<span class="post-meta-item-text">发表于</span>
<time title="创建于" itemprop="dateCreated datePublished" datetime="2019-01-16T15:35:27+08:00">
2019-01-16
</time>
</span>
<span class="post-category">
<span class="post-meta-divider">|</span>
<span class="post-meta-item-icon">
<i class="fa fa-folder-o"></i>
</span>
<span class="post-meta-item-text">分类于</span>
<span itemprop="about" itemscope itemtype="http://schema.org/Thing">
<a href="/categories/顶会论文/" itemprop="url" rel="index">
<span itemprop="name">顶会论文</span>
</a>
</span>
</span>
<span id="/2019/01/16/wifi半双工侧信道攻击学习笔记/" class="leancloud_visitors" data-flag-title="wifi半双工侧信道攻击学习笔记">
<span class="post-meta-divider">|</span>
<span class="post-meta-item-icon">
<i class="fa fa-eye"></i>
</span>
<span class="post-meta-item-text">阅读次数&#58;</span>
<span class="leancloud-visitors-count"></span>
</span>
<div class="post-wordcount">
<span class="post-meta-item-icon">
<i class="fa fa-file-word-o"></i>
</span>
<span title="字数统计">
3.7k 字
</span>
<span class="post-meta-divider">|</span>
<span class="post-meta-item-icon">
<i class="fa fa-clock-o"></i>
</span>
<span title="阅读时长">
13 分钟
</span>
</div>
</div>
</header>
<div class="post-body" itemprop="articleBody">
TCP侧信道分析及利用的学习报告论文来源USENIX SECURITY 2018Off-Path TCP Exploit: How Wireless Routers Can Jeopardize Your Secrets下载原文pdf中文slides
背景知识测信道香农信息论
什么是信息?
...
<!--noindex-->
<div class="post-button text-center">
<a class="btn" href="/2019/01/16/wifi半双工侧信道攻击学习笔记/#more" rel="contents">
阅读全文 &raquo;
</a>
</div>
<!--/noindex-->
</div>
<footer class="post-footer">
@ -2227,7 +2225,7 @@ WinDbg
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -2320,7 +2318,7 @@ WinDbg
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

193
page/2/index.html
View File

@ -296,6 +296,195 @@
<article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
<div class="post-block">
<link itemprop="mainEntityOfPage" href="https://cool-y.github.io/2019/01/16/wifi半双工侧信道攻击学习笔记/">
<span hidden itemprop="author" itemscope itemtype="http://schema.org/Person">
<meta itemprop="name" content="Cool-Y">
<meta itemprop="description" content>
<meta itemprop="image" content="/images/avatar.png">
</span>
<span hidden itemprop="publisher" itemscope itemtype="http://schema.org/Organization">
<meta itemprop="name" content="混元霹雳手">
</span>
<header class="post-header">
<h1 class="post-title" itemprop="name headline">
<a class="post-title-link" href="/2019/01/16/wifi半双工侧信道攻击学习笔记/" itemprop="url">wifi半双工侧信道攻击学习笔记</a></h1>
<div class="post-meta">
<span class="post-time">
<span class="post-meta-item-icon">
<i class="fa fa-calendar-o"></i>
</span>
<span class="post-meta-item-text">发表于</span>
<time title="创建于" itemprop="dateCreated datePublished" datetime="2019-01-16T15:35:27+08:00">
2019-01-16
</time>
</span>
<span class="post-category">
<span class="post-meta-divider">|</span>
<span class="post-meta-item-icon">
<i class="fa fa-folder-o"></i>
</span>
<span class="post-meta-item-text">分类于</span>
<span itemprop="about" itemscope itemtype="http://schema.org/Thing">
<a href="/categories/顶会论文/" itemprop="url" rel="index">
<span itemprop="name">顶会论文</span>
</a>
</span>
</span>
<span id="/2019/01/16/wifi半双工侧信道攻击学习笔记/" class="leancloud_visitors" data-flag-title="wifi半双工侧信道攻击学习笔记">
<span class="post-meta-divider">|</span>
<span class="post-meta-item-icon">
<i class="fa fa-eye"></i>
</span>
<span class="post-meta-item-text">阅读次数&#58;</span>
<span class="leancloud-visitors-count"></span>
</span>
<div class="post-wordcount">
<span class="post-meta-item-icon">
<i class="fa fa-file-word-o"></i>
</span>
<span title="字数统计">
3.7k 字
</span>
<span class="post-meta-divider">|</span>
<span class="post-meta-item-icon">
<i class="fa fa-clock-o"></i>
</span>
<span title="阅读时长">
13 分钟
</span>
</div>
</div>
</header>
<div class="post-body" itemprop="articleBody">
TCP侧信道分析及利用的学习报告论文来源USENIX SECURITY 2018Off-Path TCP Exploit: How Wireless Routers Can Jeopardize Your Secrets下载原文pdf中文slides
背景知识测信道香农信息论
什么是信息?
...
<!--noindex-->
<div class="post-button text-center">
<a class="btn" href="/2019/01/16/wifi半双工侧信道攻击学习笔记/#more" rel="contents">
阅读全文 &raquo;
</a>
</div>
<!--/noindex-->
</div>
<footer class="post-footer">
<div class="post-eof"></div>
</footer>
</div>
</article>
<article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
@ -1074,7 +1263,7 @@ ettercap嗅探智能设备和网关之间的流量sudo ettercap -i ens33 -T -q
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -1167,7 +1356,7 @@ ettercap嗅探智能设备和网关之间的流量sudo ettercap -i ens33 -T -q
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

10
search.xml
View File

File diff suppressed because one or more lines are too long

27
sitemap.xml
View File

@ -1,10 +1,17 @@
<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
<url>
<loc>https://cool-y.github.io/2019/07/01/AFL-first-learn/</loc>
<lastmod>2019-07-01T09:26:53.364Z</lastmod>
</url>
<url>
<loc>https://cool-y.github.io/2019/05/14/pack-and-unpack/</loc>
<lastmod>2019-05-17T08:21:24.916Z</lastmod>
<lastmod>2019-05-18T06:52:27.207Z</lastmod>
</url>
@ -92,13 +99,6 @@
</url>
<url>
<loc>https://cool-y.github.io/2019/02/22/qq%E6%95%B0%E6%8D%AE%E5%BA%93%E7%9A%84%E5%8A%A0%E5%AF%86%E8%A7%A3%E5%AF%86/</loc>
<lastmod>2019-04-15T07:35:38.082Z</lastmod>
</url>
<url>
<loc>https://cool-y.github.io/2019/01/16/wifi%E5%8D%8A%E5%8F%8C%E5%B7%A5%E4%BE%A7%E4%BF%A1%E9%81%93%E6%94%BB%E5%87%BB%E5%AD%A6%E4%B9%A0%E7%AC%94%E8%AE%B0/</loc>
@ -114,14 +114,21 @@
</url>
<url>
<loc>https://cool-y.github.io/2019/03/23/auto-send-WX/</loc>
<loc>https://cool-y.github.io/2019/02/22/qq%E6%95%B0%E6%8D%AE%E5%BA%93%E7%9A%84%E5%8A%A0%E5%AF%86%E8%A7%A3%E5%AF%86/</loc>
<lastmod>2019-04-15T07:35:38.082Z</lastmod>
</url>
<url>
<loc>https://cool-y.github.io/2000/01/01/hello-world/</loc>
<lastmod>2019-04-15T07:35:38.081Z</lastmod>
</url>
<url>
<loc>https://cool-y.github.io/2000/01/01/hello-world/</loc>
<loc>https://cool-y.github.io/2019/03/23/auto-send-WX/</loc>
<lastmod>2019-04-15T07:35:38.081Z</lastmod>

4
tags/CVE/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/MiniUPnP/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/PE/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/QQ/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/SSH/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/Samba/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/USENIX/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/index.html
View File

@ -369,7 +369,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -462,7 +462,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/itchat/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/miio/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/python/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/wifi/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/中间人/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/侧信道攻击/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/取证/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/复原文件/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/密码/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/小米/index.html
View File

@ -429,7 +429,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -522,7 +522,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/微信/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/数据库/index.html
View File

@ -403,7 +403,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -496,7 +496,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/数据挖掘/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/文件格式/index.html
View File

@ -403,7 +403,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -496,7 +496,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/模型实现/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/破解/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/自然语言处理/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/访问控制/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/路由器/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/远程执行/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/逆向/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>

4
tags/重放攻击/index.html
View File

@ -377,7 +377,7 @@
<a href="/archives/">
<span class="site-state-item-count">14</span>
<span class="site-state-item-count">15</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
@ -470,7 +470,7 @@
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">29.5k</span>
<span title="Site words total count">41.4k</span>
</div>