{"id":637,"date":"2020-05-02T21:00:00","date_gmt":"2020-05-02T21:00:00","guid":{"rendered":"https:\/\/hackemall.live\/?p=637"},"modified":"2020-05-03T18:48:39","modified_gmt":"2020-05-03T18:48:39","slug":"pwnable-roadmap","status":"publish","type":"post","link":"https:\/\/hackemall.live\/index.php\/2020\/05\/02\/pwnable-roadmap\/","title":{"rendered":"Pwnable Roadmap"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">\ud83d\udc49 Introduction<\/h2>\n\n\n\n<p>Welcome to my post, I am @chung96vn. Let me share a little about my career path. In the past I never thought I would pursue information security; I expected to go into software engineering or computer science instead. However, life pushed me along and fate brought me to information security. My early days were full of hardship. I did not have the good conditions some of my friends had, such as internships or training from more senior people; I had to research and teach myself with everything I could. I taught myself through CTFs and through websites such as root-me, pwnable.tw, pwnable.kr, reverse.kr,&#8230; There were times when I got stuck, and then found a ray of sunlight at the end of the road. 
Unlike many others who follow a single path from start to finish, I started with crypto, moved on to reverse engineering, and then fell in with pwnable (the area I find suits me and lets me use my abilities to the full); in the end, once I started working, I ended up doing a lot of web application security.<\/p>\n\n\n\n<p>Before getting into the roadmap, I want to stress one thing: what I write below is mostly my own experience, what I went through to get where I am today, and it may not hold for you personally. I also tried to gather more information from other friends of mine before writing this post, so I think it will help you if you really put in the effort. 
There is no path for the lazy, or for those who want everything without doing the work.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/lh3.googleusercontent.com\/Y75n6hFwgwjfm38-f0-txLazGSYoowgIRLIy_kQtjREOxccAGSUnFk4fQ1wX_VHJW1BgajYCyAcPZ4Vdgv13XY_-a1HDDCh7IObxr-lmSHGQbo4veGT5gdPYD5EDYrvCebmm7eM4\" alt=\"\" width=\"810\" height=\"456\"\/><\/figure><\/div>\n\n\n\n<p class=\"has-text-align-center\">This picture speaks for itself<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><em>\ud83d\udc76<\/em> Beginner level<\/h2>\n\n\n\n<p>First, if you know nothing yet and want to learn about pwnable, I think you need to look at what knowledge you already have and what you lack. You can go through the things I list below to assess where you currently stand as accurately as possible.<\/p>\n\n\n\n<p>Don't worry if you don't know these things yet; start learning them now, while you still can. 
I won't go into detail on how to learn each item, because I think there is already plenty of material online; I will only give some suggestions that I personally find basic enough for anyone to learn.<\/p>\n\n\n\n<ul><li>\ud83d\udc49 First is programming skill. For a pwner the most important programming skill is C\/C++, along with some assembly programming:<ul><li><a href=\"https:\/\/www.tutorialspoint.com\/cprogramming\/index.htm\">https:\/\/www.tutorialspoint.com\/cprogramming\/index.htm<\/a><\/li><li><a href=\"https:\/\/www.tutorialspoint.com\/assembly_programming\/index.htm\">https:\/\/www.tutorialspoint.com\/assembly_programming\/index.htm<\/a><\/li><\/ul><\/li><li>\ud83d\udc49 Next is operating system knowledge, so that you understand how a program is launched on the system and how the operating system manages and allocates memory:<ul><li><a href=\"https:\/\/www.tutorialspoint.com\/operating_system\/index.htm\">https:\/\/www.tutorialspoint.com\/operating_system\/index.htm<\/a><\/li><\/ul><\/li><li>\ud83d\udc49 Another important thing is software reverse engineering skill (reverse). 
I won't cover it here because there is already a <a href=\"https:\/\/hackemall.live\/index.php\/2020\/05\/01\/reverse-engineering-roadmap\/\" target=\"_blank\" rel=\"noreferrer noopener\">reverse engineering roadmap<\/a>. For a pwner, I personally find reverse engineering skill very important; it will decide whether or not you can go far in this field.<\/li><li>\ud83d\udc49 Become proficient with debuggers (gdb, pwndbg, gdb-peda, windbg, lldb, x32dbg, x64dbg,&#8230;).<\/li><li>\ud83d\udc49 Use supporting tools such as ROPGadget, pwntools,&#8230;<\/li><li>\ud83d\udc49 And finally, learn about security vulnerabilities in software programming and how they are exploited:<ul><li><a href=\"https:\/\/www.bluemoon.com.vn\/books\/taose.pdf\">https:\/\/www.bluemoon.com.vn\/books\/taose.pdf<\/a><\/li><\/ul><\/li><\/ul>\n\n\n\n<p>Besides studying theory, practice is extremely important; it determines the outcome of what you are trying to pursue. 
Theory alone is never enough:<\/p>\n\n\n\n<ul><li>\ud83d\udc49 For those just starting out, I think <a href=\"https:\/\/www.root-me.org\/en\/Challenges\/App-System\/\">root-me<\/a> is a very useful practice site, because it has a full range of challenges from basic to advanced, from hard to easy. At this level I think completing about 20 challenges already counts as a success.<\/li><li>\ud83d\udc49 <a href=\"https:\/\/pwnable.tw\/\">pwnable.tw<\/a> is probably a site that every pwner knows. It has a full set of challenges at many levels, and each challenge uses one or more techniques of varying difficulty. 
At this level, however, completing the challenges worth &lt;= 200 points is already a good result.<\/li><li>\ud83d\udc49 Beyond that, playing CTFs with pwnable challenges is a form of practice that could not be better.<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><em>\ud83d\udc66<\/em> Advanced level<\/h2>\n\n\n\n<p>After finishing the Beginner part, you move on to the part for those who really want to go deeper and further in this field. Here I think you need to acquire more specialised knowledge that is closer to real-world practice, no longer the basic, easy-to-understand material of the previous part. 
To start this part, you obviously must already have met the goals set for the beginner level.<\/p>\n\n\n\n<p>As for what to study in this part, I have listed some things that I learned and that have been thoroughly useful to me over the years.<\/p>\n\n\n\n<ul><li>\ud83d\udc49 First, keep practising Buffer Overflow and Format String challenges at a more advanced level.<\/li><li>\ud83d\udc49 Start learning about bugs related to heap memory by solving the heap-related challenges on pwnable.tw while reading how2heap.<ul><li><a href=\"https:\/\/github.com\/shellphish\/how2heap\">https:\/\/github.com\/shellphish\/how2heap<\/a><\/li><\/ul><\/li><li>\ud83d\udc49 Study mitigation bypass techniques (NX, ASLR, stack canary, PIE, RELRO,&#8230;)<\/li><li>\ud83d\udc49 Get familiar with new supporting tools such as one_gadget, checksec<\/li><li>\ud83d\udc49 Practise writing shellcode by working through shellcode-related challenges.<\/li><li>\ud83d\udc49 Understand system calls and become proficient with some basic syscalls such as sys_execve, sys_open, sys_read, sys_write, sys_mprotect, sys_mmap, sys_socket, sys_dup2<\/li><\/ul>\n\n\n\n
<p>As for practice, you should keep working on the challenges on the sites I listed and try to complete as many of them as possible.<\/p>\n\n\n\n<ul><li>Root-me: <a href=\"https:\/\/www.root-me.org\/en\/Challenges\/App-System\/\">https:\/\/www.root-me.org\/en\/Challenges\/App-System\/<\/a><\/li><li>Complete the remaining challenges on <a href=\"https:\/\/pwnable.tw\/\">pwnable.tw<\/a><\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><em>\ud83d\udc71\u200d\u2642\ufe0f<\/em> Gosu level<\/h2>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/hackemall.live\/wp-content\/uploads\/2020\/05\/pwnable-1024x407.png\" alt=\"\" class=\"wp-image-662\" width=\"768\" height=\"305\" srcset=\"https:\/\/hackemall.live\/wp-content\/uploads\/2020\/05\/pwnable-1024x407.png 1024w, https:\/\/hackemall.live\/wp-content\/uploads\/2020\/05\/pwnable-300x119.png 300w, https:\/\/hackemall.live\/wp-content\/uploads\/2020\/05\/pwnable-768x305.png 768w, https:\/\/hackemall.live\/wp-content\/uploads\/2020\/05\/pwnable-750x298.png 750w, https:\/\/hackemall.live\/wp-content\/uploads\/2020\/05\/pwnable.png 1398w\" sizes=\"(max-width: 768px) 100vw, 768px\" \/><\/figure>\n\n\n\n<p>To be honest, I have not reached \u201cGosu&#8221; level myself. However, I do have my own way of choosing a direction so that I can achieve something. 
Below are my views, based on my own limited experience. They cannot make you a \u201cGosu&#8221;, but I think they will help you work out how to choose a path toward becoming a \u201cGosu&#8221;.<\/p>\n\n\n\n<p>One thing I want to say up front: as far as I know, not many companies or organisations in Vietnam today let individuals do exploit research full time. So if you are set on pursuing this passion, you should choose one of the following directions:<\/p>\n\n\n\n<ul><li>\ud83d\udc49 Take a security job in Vietnam and do research in your spare time. It is less pressure, but not as effective as working in an organisation with many people who already have experience in this work.<\/li><li>\ud83d\udc49 The other way is to try hard and look for an opportunity to work at a company, in Vietnam or abroad, that does purely exploit research. 
This path is hard, but you will probably have a better future.<\/li><\/ul>\n\n\n\n<p>Coming back to the question of how to become a \u201cGosu&#8221;, here is some advice for you from my personal experience.<\/p>\n\n\n\n<p>The first step is choosing a target that suits you. You can pick one of the targets below, or something outside the list, as long as you find it fits your current background knowledge.<\/p>\n\n\n\n<ul><li>\ud83d\udc49 IOT (Router, Camera,&#8230;)<\/li><li>\ud83d\udc49 Open source (exim, linux kernel,&#8230;)<\/li><li>\ud83d\udc49 Browser (chrome, firefox, safari,\u2026)<\/li><li>\ud83d\udc49 Hypervisor<\/li><li>\ud83d\udc49 Windows (Kernel, Software)<\/li><li>\ud83d\udc49 Virtualization (Virtualbox, VMware, \u2026)<\/li><li>\ud83d\udc49 &#8230;<\/li><\/ul>\n\n\n\n<p>Once you have chosen a target that fits your knowledge and experience, the most important skill becomes your ability to use Google, your search skill. You need to find the articles, blogs and write-ups that experts around the world have written about the target you are aiming at. 
From there, understand how the rest of the world is doing it and then come up with an approach of your own. From this point on, neither I nor anyone else can help you any further.<\/p>\n\n\n\n<p>One more piece of advice, from <strong>@quangnh89<\/strong>: you need to follow a target for long enough before you can hope for results, because it is very easy to get discouraged in this work.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Thanks<\/h2>\n\n\n\n<p>Thank you for reading, and I wish you success on the path you have chosen.<\/p>\n\n\n\n<p>If you have any questions, message me on fb (<a href=\"https:\/\/fb.com\/chung96vn\">@chung96vn<\/a>) or twitter (<a href=\"https:\/\/twitter.com\/chung96vn\">@chung96vn<\/a>)<\/p>\n\n\n\n<p>Thanks to <strong>@phieulang<\/strong> &amp; <strong>@quangnh89<\/strong> for their support and feedback on this post.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\ud83d\udc49 Introduction Welcome to my post, I am @chung96vn. Let me share a little about my career path. In the past I never thought I would pursue information security; I expected to go into software engineering or computer science instead. 
However, life pushed me along and [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":662,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[16,7],"tags":[13,11,18,14],"_links":{"self":[{"href":"https:\/\/hackemall.live\/index.php\/wp-json\/wp\/v2\/posts\/637"}],"collection":[{"href":"https:\/\/hackemall.live\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hackemall.live\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hackemall.live\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hackemall.live\/index.php\/wp-json\/wp\/v2\/comments?post=637"}],"version-history":[{"count":20,"href":"https:\/\/hackemall.live\/index.php\/wp-json\/wp\/v2\/posts\/637\/revisions"}],"predecessor-version":[{"id":674,"href":"https:\/\/hackemall.live\/index.php\/wp-json\/wp\/v2\/posts\/637\/revisions\/674"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hackemall.live\/index.php\/wp-json\/wp\/v2\/media\/662"}],"wp:attachment":[{"href":"https:\/\/hackemall.live\/index.php\/wp-json\/wp\/v2\/media?parent=637"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hackemall.live\/index.php\/wp-json\/wp\/v2\/categories?post=637"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hackemall.live\/index.php\/wp-json\/wp\/v2\/tags?post=637"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}