Coming from x86_64, after reading this through I basically had a feel for arm/aarch64; it is explained quite well
https://xz.aliyun.com/t/3154
Some assembly instructions and examples
https://zhuanlan.zhihu.com/p/673591189
https://liujiaboy.github.io/2021/04/13/%E9%80%86%E5%90%91/ARM%E6%B1%87%E7%BC%96-2/
Not much different from x86_64; the thing to watch is the link register, which holds the return address: lr on arm, x30 on aarch64
arm
0x00010490 <+0>: push {r7, lr}
...
0x000104c8 <+56>: pop {r7, pc}
aarch64
0x0000000000400678 <+0>: stp x29, x30, [sp, #-32]!
...
0x0000000000400690 <+24>: ldp x29, x30, [sp], #32
0x0000000000400694 <+28>: ret
Covers arm and aarch64, with some basic examples, solutions and analysis (mainly for practising arm/aarch64 ROP)
https://github.com/xairy/easy-linux-pwn/
Covers arm and aarch64, with many vulnerability types
https://github.com/bkerler/exploit_me
A heap-related challenge, mainly about ROP: insomnihack-teaser-2019 nyanc
https://blog.perfect.blue/ROPing-on-Aarch64
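Couldn't find the challenge, sigh. They just don't let you see the source program, or how much sp is increased when the function returns; it's just there to annoy you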
https://blog.csdn.net/FUCKING12/article/details/128158210
https://blog.csdn.net/zzq487782568/article/details/126919848
c8 gadget
d0 0
d8 0 -------- new sp
e0 0
e8 system_addr
f0 0
f8 bin_sh
An aarch64 kernel challenge: stack overflow
Note this section on returning to user mode
https://bbs.kanxue.com/thread-272397.htm
https://bbs.kanxue.com/thread-272376.htm
Some challenges, explained for people who already know the material
https://bbs.kanxue.com/thread-272332.htm
DEF CON CTF Qualifier 2021
https://ctftime.org/writeup/28124
WPICTF 2021 strong-arm
https://ctftime.org/writeup/27929
ByteCTF 2021 AArch64 Pwn Master of HTTPD
https://xuanxuanblingbling.github.io/ctf/pwn/2021/12/13/aarch64/
The reversing is annoying
https://www.anquanke.com/post/id/237900