<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
  <channel>
    <title>2022 on Logic Security 逻辑门</title>
    <link>https://www.zoemurmure.top/zh/archives/2022/</link>
    <description>Recent content in 2022 on Logic Security 逻辑门</description>
    <generator>Hugo -- gohugo.io</generator>
    <language>zh</language>
    <lastBuildDate>Tue, 10 Jan 2023 15:09:38 +0800</lastBuildDate><atom:link href="https://www.zoemurmure.top/zh/archives/2022/index.xml" rel="self" type="application/rss+xml" />
    <item>
      <title>X64 Paging Mechanism</title>
      <link>https://www.zoemurmure.top/zh/posts/x64_paging/</link>
      <pubDate>Tue, 10 Jan 2023 15:09:38 +0800</pubDate>
      
      <guid>https://www.zoemurmure.top/zh/posts/x64_paging/</guid>
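      <description>Preface While studying HEVD I found there was a lot I did not understand, which is why this article exists. Its content is translated from reference [1]; for learning purposes, the content and structure have been adjusted. Basic definitions</description>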
    </item>
    
    <item>
      <title>[HEVD exploit series] StackOverflowGS</title>
      <link>https://www.zoemurmure.top/zh/posts/hevd_stackoberflowgs/</link>
      <pubDate>Tue, 10 Jan 2023 11:18:29 +0800</pubDate>
      
      <guid>https://www.zoemurmure.top/zh/posts/hevd_stackoberflowgs/</guid>
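      <description>0. Preface HackSys Extreme Vulnerable Driver (HEVD) is a Windows driver with multiple vulnerabilities, developed for learning kernel exploitation techniques. This article describes how to bypass a stack overflow vulnerability protected by /GS in a Windows 10 64-bit environment, involving</description>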
    </item>
    
    <item>
      <title>[HEVD exploit series] StackOverflow</title>
      <link>https://www.zoemurmure.top/zh/posts/hevd_stackoverflow/</link>
      <pubDate>Tue, 10 Jan 2023 11:18:24 +0800</pubDate>
      
      <guid>https://www.zoemurmure.top/zh/posts/hevd_stackoverflow/</guid>
      <description>Target function TriggerBufferOverflowStack __int64 __fastcall TriggerBufferOverflowStack(void *Src, unsigned __int64 Size) { char Dst[2048]; // [rsp+20h] [rbp-818h] BYREF memset(Dst, 0, sizeof(Dst)); ProbeForRead(Src, 0x800ui64, 1u); DbgPrintEx(0x4Du, 3u, &amp;#34;[+] UserBuffer: 0x%p\n&amp;#34;, Src); DbgPrintEx(0x4Du, 3u, &amp;#34;[+] UserBuffer Size: 0x%X\n&amp;#34;, Size); DbgPrintEx(0x4Du, 3u, &amp;#34;[+] KernelBuffer: 0x%p\n&amp;#34;, Dst); DbgPrintEx(0x4Du, 3u, &amp;#34;[+] KernelBuffer Size: 0x%X\n&amp;#34;, 0x800i64); DbgPrintEx(0x4Du, 3u, &amp;#34;[+] Triggering Buffer Overflow in Stack\n&amp;#34;); memmove(Dst, Src, Size); return 0i64; } Protections:</description>
    </item>
    
  </channel>
</rss>
