XJB🍉FW
@XJBFW
447 subscribers
4.4K photos
177 videos
32 files
855 links
主要是来自小红书的各种web archive
借助 @web2album_bot
不带bot引用转发是为了编辑
Download Telegram
About
Blog
Apps
Platform
Join
XJB🍉FW
447 subscribers
XJB🍉FW
Forwarded from [涉密消息]
饱和度掉了的翻车鱼꞉ 背景2:如果一个指令引发了一个异常中断(比如说用户模式访问内核模式地址),那么CPU会清除掉整个池子(和对应的执行结果)。如果没有这个中断发生,CPU就提交结果给寄存器,更新寄存器的值
56 views
XJB🍉FW
Forwarded from [涉密消息]
饱和度掉了的翻车鱼꞉ 然后他给了一段代码
54 views
XJB🍉FW
Forwarded from [涉密消息]
饱和度掉了的翻车鱼꞉ mov rax, [某内核地址]
and rax, 1
mov rbx, [rax + 某用户地址]
56 views
XJB🍉FW
Forwarded from [涉密消息]
饱和度掉了的翻车鱼꞉ 那么怎么知道到底是读了什么呢
58 views
XJB🍉FW
Forwarded from [涉密消息]
饱和度掉了的翻车鱼꞉ 简单来说:第一个mov和后两句一起并行执行,然后mov对应的内核内存会被调进CPU,然后这个内核内存的值(在没触发中断前)可以被第三句调用

但问题是rbx,rax实际上不会被更新(因为出了中断
59 views
XJB🍉FW
Forwarded from [涉密消息]
饱和度掉了的翻车鱼꞉ 答案是把[某用户地址]附近的内存再读一遍,检查一遍读取速度,判断哪部分被调入进缓存了
60 views
XJB🍉FW
Forwarded from [涉密消息]
饱和度掉了的翻车鱼꞉ (当然提前要注意把这个用户地址附近的内存全洗出缓存池
60 views
XJB🍉FW
Forwarded from [涉密消息]
饱和度掉了的翻车鱼https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/amp/
cyber.wtf
Negative Result: Reading Kernel Memory From User Mode
I were going to write an introduction about how important negative results can be. I didn’t. I assume you can figure out for yourself why that is and if not you got all the more reason to read this…
63 views
XJB🍉FW
Forwarded from 小林家的托尔
1 view
XJB🍉FW
Forwarded from 小林家的托尔
1 view
XJB🍉FW
Forwarded from 〄FW
1 view
XJB🍉FW
Forwarded from ヴェールヌイ
1 view
XJB🍉FW
Forwarded from 〄FW
1 view
XJB🍉FW
Forwarded from miao~13486
This media is not supported in your browser
VIEW IN TELEGRAM
62 views
XJB🍉FW
Forwarded from 鹿目 圆
72 views
XJB🍉FW
Forwarded from 科技圈的日常 (Jimmy Tian)
1 view
XJB🍉FW
Forwarded from Programmer Jokes
1 view
XJB🍉FW
Forwarded from [涉密消息]
Eat-MayorOfNanjing꞉
51 views
XJB🍉FW
Forwarded from [涉密消息]
Eat-MayorOfNanjing꞉
58 views
XJB🍉FW
Forwarded from [涉密消息]
Eat-MayorOfNanjing꞉
67 views
XJB🍉FW
[涉密消息]
Eat-MayorOfNanjing꞉
中国的 IPv6 的 AS 号定了的样子
67 views