Zke1ev3n's Blog

The quieter you became,the more you are able to hear.

  1. Port AFL to Android By LLVM

    The AFL(american fuzzy lop) is a awsome fuzzing tool wrote by lcamtuf@google. It has many outstanding features and almost been the most popular fuzzer. There are many vulnerabilities found by afl-fuzz, you can get more information about it form it’s website:http://lcamtuf.coredump.cx/afl/. The original afl-fuzz only supports linux. However, as i know some teams has already ported it to android last year, but didn’t publish. I have studied the afl-fuzz for a period of time, and finally ported it to android by the llvm mode. Several weeks ago i found the ele7enxxh has published the android-enabled version of AFL, howerver he used a different way by writing the assembly code for arm. And here i will share my way by using the llvm-mode.

  2. Algorithm:Dynamic Programming

    After a long time without updating my blog, I have made a decision that all of my articles will be written in english in the future, for i met more and more english in my study and work.And i’m worry about my poor english, it may hinder my progress.Though it might be a little difficult to update my articles as before, i will try my best.However, people who are not good at english don’t be worry about this, i will just use some plain english(that’s also what i can), even there will be many grammatical errors, and i will apprectiate it if you point them out.

  3. Ubuntu16.04编译android6.0源代码


  4. CVE-2014-4322 qseecom内存破坏漏洞分析与利用



  5. CVE-2014-7911 Android本地提权漏洞分析与利用


    前面我们了解了Android Binder机制的基本原理,当然仅仅了解是不够的,我们要做到:Know it and hack it。这篇文章我们就来分析一个和Binder相关的漏洞:CVE-2014-7911。这是由Jann Horn发现的一个Android本地提权漏洞,能够使普通应用的权限提升到System权限,影响Android5.0以下版本。这个漏洞是非常值得Android安全研究人员学习的一个漏洞,因为这个漏洞涉及到Android Binder,Java序列化,Dalvik GC机制,Heap spary,ROP,Stack pivot等知识,很有学习价值。