The document discusses format string vulnerabilities, which occur when user-supplied input containing format specifiers is used without validation in functions like printf(). Format strings allow viewing process memory, crashing programs, or overwriting memory locations like the instruction pointer. While buffer overflows have thousands of exploits, format string vulnerabilities are less common but easier to find due to programmer mistakes. Exploiting format strings can lead to privilege escalation, crashes, or arbitrary code execution. Examples of past vulnerabilities are discussed.
CTF for ビギナーズのバイナリ講習で使用した資料です。
講習に使用したファイルは、以下のリンク先にあります。
https://onedrive.live.com/redir?resid=5EC2715BAF0C5F2B!10056&authkey=!ANE0wqC_trouhy0&ithint=folder%2czip
10. uji52
man ip-xfrm
10
xfrm is an IP framework for transforming packets(such as encrypting their
payloads). This framework is used to implement the IPsec protocol suite (with the
state object operating on the Security Association Database, and the policy
object operating on the Security Policy Database). It is also used for the IP
Payload Compression Protocol and features of Mobile IPv6.
? パケット変換のフレームワーク
? 暗号化通信等するにあたって利用
つまり