Zke1ev3n's Blog


The quieter you become, the more you are able to hear.


  1. Port AFL to Android By LLVM

    AFL (american fuzzy lop) is an awesome fuzzing tool written by lcamtuf@google. It has many outstanding features and has almost become the most popular fuzzer. Many vulnerabilities have been found with afl-fuzz; you can get more information from its website: http://lcamtuf.coredump.cx/afl/. The original afl-fuzz only supports Linux. However, as far as I know, some teams had already ported it to Android last year but did not publish their work. I have studied afl-fuzz for a period of time and finally ported it to Android using the llvm mode. Several weeks ago I found that ele7enxxh had published an Android-enabled version of AFL; however, he used a different approach, writing the instrumentation in arm assembly. Here I will share my way, which uses llvm-mode.


  2. Algorithm:Dynamic Programming

    After a long time without updating my blog, I have decided that all of my articles will be written in English in the future, because I meet more and more English in my study and work, and I worry that my poor English may hinder my progress. Though it might be a little more difficult to update my articles as often as before, I will try my best. However, people who are not good at English need not worry about this: I will just use some plain English (that is also all I can manage), even though there will be many grammatical errors, and I will appreciate it if you point them out.


  3. Building the Android 6.0 source code on Ubuntu 16.04

    Because I have been building Android frequently lately and have to search the web for a tutorial every time, I am recording my own build steps here for future reference.


  4. CVE-2014-4322: Analysis and Exploitation of a qseecom Memory Corruption Vulnerability

    Overview

    This vulnerability exists in the Qualcomm QSEECOM driver. The driver exposes an ioctl system call interface to user space, but it does not validate some of the base addresses and offsets passed in the ioctl arguments. An attacker can craft special arguments to cause an information leak and privilege escalation.
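    The summary above describes the bug class (a driver trusting a caller-supplied base and offset into a shared region) rather than the driver code itself. The following is an added illustration written for this page; it is hypothetical user-space C and not the qseecom driver's code. It models a shared region of fixed size, a caller-chosen (base, len) pair as an ioctl argument would carry, and contrasts the naive range check, which can be bypassed by making base + len wrap around in 32-bit arithmetic, with an overflow-safe check. All names (SHARED_LEN, accepts_unsafe, accepts_safe, copy_region_len) are assumptions made for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of a driver-owned region that user space may read
 * from through an ioctl by supplying (base, len). Hypothetical example
 * code for this page; it is not the QSEECOM driver. */
#define SHARED_LEN 4096u

static uint8_t shared_region[SHARED_LEN];   /* the region being indexed */
static uint8_t kernel_out[SHARED_LEN];      /* destination of the copy   */

/* Naive check: base + len is computed in uint32_t and can wrap, so a huge
 * base with a matching len passes even though base alone is far outside
 * the region. This is the kind of check that lets a caller reach memory
 * beyond the buffer. */
static bool accepts_unsafe(uint32_t base, uint32_t len)
{
    uint32_t end = (uint32_t)(base + len);   /* may wrap around */
    return end <= SHARED_LEN;
}

/* Hardened check: validate each field against the region size on its own,
 * then compare len against the remaining space so no addition can overflow. */
static bool accepts_safe(uint32_t base, uint32_t len)
{
    if (base > SHARED_LEN || len > SHARED_LEN)
        return false;
    return len <= SHARED_LEN - base;
}

/* Simulated ioctl handler body using the hardened check. Returns the
 * number of bytes copied, or -1 if the request is rejected. */
static long copy_region_len(uint32_t base, uint32_t len)
{
    if (!accepts_safe(base, len))
        return -1;
    memcpy(kernel_out, shared_region + base, len);
    return (long)len;
}

int main(void)
{
    /* Constructed attacker input: base far past the region, len chosen
     * so that base + len wraps to a small value. */
    uint32_t bad_base = 0xFFFFF000u, bad_len = 0x2000u;

    printf("naive check accepts wrapped request: %d\n",
           accepts_unsafe(bad_base, bad_len));      /* 1: bypassed   */
    printf("hardened check accepts it:          %d\n",
           accepts_safe(bad_base, bad_len));        /* 0: rejected   */
    printf("valid read of 96 bytes at 4000:     %ld\n",
           copy_region_len(4000, 96));              /* 96            */
    printf("read of 97 bytes at 4000:           %ld\n",
           copy_region_len(4000, 97));              /* -1: one past  */
    return 0;
}
```

    The point to take from the hardened variant is that an end-of-range test must never be written as `base + len <= size` on fixed-width integers: check each operand against the size first, then compare `len` with `size - base`, which cannot overflow once `base <= size` is known.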


  5. CVE-2014-7911: Analysis and Exploitation of an Android Local Privilege Escalation Vulnerability

    Overview

    Earlier we covered the basic principles of the Android Binder mechanism, but understanding alone is not enough; we need to "Know it and hack it". In this article we analyze a Binder-related vulnerability: CVE-2014-7911. This is an Android local privilege escalation vulnerability discovered by Jann Horn that lets an ordinary app elevate its privileges to System, affecting Android versions below 5.0. It is well worth studying for Android security researchers, because it involves Android Binder, Java serialization, the Dalvik GC mechanism, heap spraying, ROP, stack pivoting and related topics.

    The content of this article mainly comes from public material; I have added some details on top of it.