Asciinema link: Python3 pickle backdoor
In this article I’m going to illustrate how to read the full content of /dev/mem on linux 3.x machines. I will bypass the function devmem_is_allowed with a kernel return probe.
The kernel probes is a kernel component designed for kernel developers to debug the system internals.It can dynamically break into any kernel routine and modify the function’s behavour. This proves had been heavily since yeah by kernel developers. RedHat has build an user interface to kprobes called SystemTap
You can find kprobes’ documentation in Documentation/kprobes.txt. You should also download the article example files kprobe.tgz
Este articulo va sobre explotacion de format string bugs sobre x86_64. Son necesario conocimientos de explotacion sobre i386 (no me voy a parar a explicar nada, sorry :-P).
Para empezar, teniendo el siguiente programa vulnerable, compilandolo y arrancando el gdb:
In this post I’m going to talk about Python and testing. Testing is a very important part in the development process.
Usually, when a programmer writes some source code, he/she should spend a bit of time documenting and programming unit tests for the just-created piece of code, but as It is known, this not happends very much.
The lack of documentation can be a big stone in the way to succeed and finish a software proyect on time, but the lack of product testing (unit testing, func testing, regressive testing, etc) points the project to the worse future.
If you like the project management subjects related to the software development, I recommend you to read the book Debugging the Development Process, by Steve Maguire.
Here, the list of the most used/known python testing tools and source code analyzers (for python).