We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
你好。
请问int static_address = dalvik_addr+ 0x01001000;
这个0x01001000偏移的量是怎么得出的呢?是一次一次尝试,还是有什么方法确定它就在堆喷的范围内呢?
还有 heap_spary_ex(str);的运行次数也是要靠尝试还是有什么办法看它的地址范围么?
谢谢!
The text was updated successfully, but these errors were encountered:
0x01001000 是大概估算的值,喷一次然后用gdb把内存dump出来看一下内存布局就清楚了,这个位置基本可以保证每次都能喷上。选择太靠前的位置则可能有其他对象。
heap_spary_ex的次数也是随便写的值,其实不用试太多次。次数宜多不宜少,喷到极限时会卡住,如果真卡住了那就稍微降低一点就可以了
Sorry, something went wrong.
No branches or pull requests
你好。
请问int static_address = dalvik_addr+ 0x01001000;
这个0x01001000偏移的量是怎么得出的呢?是一次一次尝试,还是有什么方法确定它就在堆喷的范围内呢?
还有 heap_spary_ex(str);的运行次数也是要靠尝试还是有什么办法看它的地址范围么?
谢谢!
The text was updated successfully, but these errors were encountered: