I am writing this post because Xray has reached end of life (EOL). The last version is 1.9.11.
1. Patching Walkthrough for x86
Run the program:

    ./xray_darwin_amd64
    this license is expired, expiration time is 2022-08-03 08:00:00

Find and locate the string:

    00000000: 7468 6973 206c 6963 656e 7365 2069 7320  this license is 
    00000010: 6578 7069 7265 642c 2065 7870 6972 6174  expired, expirat
    00000020: 696f 6e20 7469 6d65 2069 7320 2573       ion time is %s

    ➜ You know 0xDiablos checksec vuln
    [*] '/mnt/hgfs/aresx/pwn/htb/You know 0xDiablos/vuln'
        Arch:     i386-32-little
        RELRO:    Partial RELRO
        Stack:    No canary found
        NX:       NX disabled
        PIE:      No PIE (0x8048000)
        RWX:      Has RWX segments

    ➜ You know 0xDiablos cyclic 500 > out
    ➜ You know 0xDiablos gdb-gef --ex run ./vuln < out
    Reading symbols from ./vuln...
    (No debugging symbols found in ./vuln)
    GEF for linux ready, type `gef' to start, `gef config' to configure
    92 commands loaded for GDB 9.1 using Python engine 3.8
    Starting program: /mnt/hgfs/aresx/pwn/htb/You know 0xDiablos/vuln
    You know who are 0xDiablos:
    aaaabaaacaaadaaaeaaafaaagaaahaaaiaaajaaakaaalaaamaaanaaaoaaapaaaqaaaraaasaaataaauaaavaaawaaaxaaayaaazaabbaabcaabdaabeaabfaabgaabhaabiaabjaabkaablaabmaabnaaboaabpaabqaabraabsaabtaabuaabvaabwaabxaabyaabzaacbaaccaacdaaceaacfaacgaachaaciaacjaackaaclaacmaacnaacoaacpaacqaacraacsaactaacuaacvaacwaacxaacyaaczaadbaadcaaddaadeaadfaadgaadhaadiaadjaadkaadlaadmaadnaadoaadpaadqaadraadsaadtaaduaadvaadwaadxaadyaadzaaebaaecaaedaaeeaaefaaegaaehaaeiaaejaaekaaelaaemaaenaaeoaaepaaeqaaeraaesaaetaaeuaaevaaewaaexaaeyaae

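    #!/bin/bash
    # Split only on newlines (and \b) so names containing spaces stay intact.
    IFS=$(echo -en "\n\b")

    # Recursively walk directory $1 and append one list entry per item to _sidebar.md.
    function getdir() {
        for element in `ls -1 "$1"`
        do
            dir_or_file=$1"/"$element
            # Nesting depth = number of slashes in the path, minus 2.
            counter=`echo "$dir_or_file" | grep -o / | wc -l`
            let counter-=2
            if [ -d "$dir_or_file" ] ; then
                # Directory: write an indented plain entry, then recurse into it.
                printf '%0.s ' $(seq 0 $counter) >> _sidebar.md
                echo "- $element" >> _sidebar.md
                getdir "$dir_or_file"
            else
                # File: write an indented link, URL-encoding spaces and '+'.
                echo "$dir_or_file"
                printf '%0.s ' $(seq 0 $counter) >> _sidebar.md
                path=`echo "$dir_or_file" | sed "s/[ ]/%20/g" | sed "s/[+]/%2B/g"`
                # Strip only a trailing ".md" extension from the title.
                title=`echo "$element" | sed 's/\.md$//'`
                echo "- [$title](./$path)" >> _sidebar.md
            fi
        done
    }

    root_dir=`ls -d VulWiki/*/`
    #root_dir=`ls -d */ "$1/VulWiki" | sed 's/\///g'`
    # Truncate the sidebar file before regenerating it.
    :> _sidebar.md
    for dir in $root_dir
    do
        if [ "$dir" = "." ]
        then
            continue
        else
            # Top-level category name is the second path component.
            C1=`echo "$dir" | cut -f2 -d '/'`
            echo "- $C1" | cut -f2 -d '/' >> _sidebar.md
            # Drop the trailing slash before recursing.
            getdir `echo "$dir" | sed s'/.$//'`
        fi
    done
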
The script recursively scans, in order, all Markdown files in the directories under root_dir.

    ╰─➤ ls -d VulWiki/*/
    VulWiki/IOT安全/ VulWiki/Web安全/ VulWiki/系统安全/