sakura@ubuntu:~/Desktop/give_to_player/core$ ls bin core.cpio core.ko etc gen_cpio.sh init lib lib64 linuxrc proc root sbin sys tmp usr vmlinux sakura@ubuntu:~/Desktop/give_to_player/core$ mv core.cpio ../core.cpio sakura@ubuntu:~/Desktop/give_to_player/core$ cd .. sakura@ubuntu...
命令: add-symbol-file core.ko textaddr ,textaddr是core.ko加载地址,用cat /sys/module/core/sections/.text获取 (3)流程 调试流程 3.代码分析: 首先,core.ko开了canary和nx(checksec core.ko),内核开了kaslr没有开smep init_module()注册了/proc/core exit_core()删除 /proc/core core_ioctl() 定义...