Here's something encrypted, password is required to continue reading.
阅读此文
wd-z711's B10g∎
莫图虚名修术业,勿以浮沙筑高台
post @ 2023-12-20
post @ 2023-12-05
some bugs and fix method
From this page, I decide use EN to continue my blog.
Build XposedInstaller using gradle
When use android studio and build gradle, even I have downgrade JDK to 1.8, and close android studio proxy, also have mistakes. Gradle’s information is below:
post @ 2023-11-15
软件分析基础知识&作业
之前翔哥给我具体讲了讲软件分析的基础知识,翔哥的链接如下所示:
[1] https://xym4ster.github.io/post/Program-Analysis-01
[2] https://xym4ster.github.io/post/Program-Analysis-02
[3] https://xym4ster.github.io/post/Program-Analysis-03
post @ 2023-11-09
image-caption: 图像中文描述
数据集下载:https://tianchi.aliyun.com/dataset/145781?t=1699533627520
post @ 2023-11-07
ODDFUZZ: Discovering Java Deserialization Vulnerabilities via Structure-Aware Directed Greybox Fuzzing
摘要
可以用静态分析来定位java反序列化漏洞。ODDFUZZ使用轻量级污点分析定位候选的gadget链(避免漏报),之后使用定向灰盒测试生成poc用例来减少误报。ODDFUZZ使用结构感知种子生成方法保证用例有效性,并使用混合反馈与步进策略来指导定向模糊测试。