COLLECTED BY

Organization: Archive Team

Formed in 2009, the Archive Team (not to be confused with the archive.org Archive-It Team) is a rogue archivist collective dedicated to saving copies of rapidly dying or deleted websites for the sake of history and digital heritage. The group is 100% composed of volunteers and interested parties, and has expanded into a large amount of related projects for saving online and digital history.

History is littered with hundreds of conflicts over the future of a community, group, location or business that were "resolved" when one of the parties stepped ahead and destroyed what was there. With the original point of contention destroyed, the debates would fall to the wayside. Archive Team believes that by duplicated condemned data, the conversation and debate can continue, as well as the richness and insight gained by keeping the materials. Our projects have ranged in size from a single volunteer downloading the data to a small-but-critical site, to over 100 volunteers stepping forward to acquire terabytes of user-created data to save for future generations.

The main site for Archive Team is at archiveteam.org and contains up to the date information on various projects, manifestos, plans and walkthroughs.

This collection contains the output of many Archive Team projects, both ongoing and completed. Thanks to the generous providing of disk space by the Internet Archive, multi-terabyte datasets can be made available, as well as in use by the Wayback Machine, providing a path back to lost websites and work.

Our collection has grown to the point of having sub-collections for the type of data we acquire. If you are seeking to browse the contents of these collections, the Wayback Machine is the best first stop. Otherwise, you are free to dig into the stacks to see what you may find.

The Archive Team Panic Downloads are full pulldowns of currently extant websites, meant to serve as emergency backups for needed sites that are in danger of closing, or which will be missed dearly if suddenly lost due to hard drive crashes or server failures.

Collection: Archive Team: The Github Hitrub

This collection is a set of Github repository archives from two major sets: A panic grab upon the acquisition by Microsoft, and a larger, ongoing set of Pretty Much Everything.

TIMESTAMPS

The Wayback Machine - https://web.archive.org/web/20201013192347/https://github.com/xinali/articles

xinali / articles

Personal Blog/主记录漏洞挖掘相关研究(文章位于issues)

97 stars 11 forks

Star

Watch

45 commits

Failed to load latest commit information.

README.md

articles

个人博客。

本职工作从事恶意代码分析，时间有限，记录业余兴趣研究

Found Bugs

Open Source

heap-based out-of-bounds read when parsing otf file with undefined FontName in svg option (afdko)
heap-based out-of-bounds read when parsing otf file with undefined glyph name in svg option (afdko)
exiv2 parse url crash (exiv2)
pdf2jp2 use NULL pointer cause crash (openjpeg)
svg-native-viewer heap-buffer-overflow on SVGNative::SVGStringParser::SkipOptWsp
svg-native-viewer NULL pointer dereference in SVGDocumentImpl::TraverseSVGTree
svg-native-viewer Infinite loop in CreatePath
svg-native-viewer NULL pointer dereference in SVGNative::SVGDocument::Render
svg-native-viewer NULL pointer dereference in SVGDocument::Render(const ColorMap& colorMap) function
When parsing malformed pcap file, tcpflow crash with abort
When parsing malformed pcap file, tcpflow abort in frame_too_short
libwab heap-based out-of-bound read in write_ldif
libwab heap-based out-of-bound read in output_subrecord
shadowsocksr-native混淆验证auth.c存在基于堆的越界写漏洞

Close Source

Microsoft Font Subsetting DLL heap-based out-of-bounds read in CreateFontPackage(in fontsub!GetGlyphIdx)
Microsoft Font Subsetting DLL Stack Exhaustion at fontsub!GetComponentGlyphList
Microsoft Font Subsetting DLL heap-based out-of-bounds read in CreateFontPackage(CVE-2019-1468)
Microsoft Windows CVE-2019-1468
Microsoft Windows CVE-2020-0607
Microsoft Windows CVE-2020-0744
Microsoft Windows CVE-2020-0821
Microsoft Windows CVE-2020-0879
Microsoft Windows CVE-2020-1007
Microsoft Windows CVE-2020-1351
Windows 10帮助文件chm格式漏洞挖掘

二进制

漏洞分析

tcpdump 4.5.1 crash 深入分析
 CoolPlayer bypass DEP(CVE-2008-3408)分析
 IE11 CVE-2017-0037 Type Confusion分析
 Code Blocks 17.12 Local Buffer Overflow分析
 openssl 1.1.0a UAF(CVE-2016-6309)分析
 Adobe Reader CVE-2010-2883分析
 openssl CVE-2016-0799分析
 CVE-2018-1270 RCE分析(web/java)
Linux off by one漏洞(基于栈)
Stackoverflow + SEH的利用
 DWORD SHOOT + SEH的利用(基于堆)
Windows Heap Overflow(win2000)
FREE WMA MP3 CONVERTER 1.8缓冲区溢出漏洞复现
 CrashesAnalysis_1 (afdko)
CrashesAnalysis_2 (afdko)

fuzz

opessl fuzzing测试学习过程
 基于protobuf构建fuzzer(libpng)
fuzz CVE-2019-1117
fuzz CVE-2019-1118
fuzz CVE-2019-1127
cpython历史漏洞分析及其fuzzer编写
 一个简单的多进程且易于使用的传统fuzzer

crackme

一道有趣的crackme
看雪腾讯ctf第二题
 看雪腾讯ctf第三题
 看雪腾讯ctf第五题(待完善)
Crackme160-003

MISC

IoDeleteSymbolicLink遇到的问题
 DynELF leak函数导致堆栈不平衡
 Linux x64 pwn 学习
 记录一次恶心混淆之静态配置解密的处理
 逆向初期简单随笔
 逆向中的base64加解密
 windbg 使用
 ollyscript 大量实例及其说明文档
 pwn初探
 ASLR+NX绕过
 Linux网络编程模型

网络安全

nodejs 反序列化
 SSRF漏洞研究
 XXE 漏洞研究
 sopypy xxe问题思考

开发

渗透测试系统penework的设计及实现
 总体文章

About

Personal Blog/主记录漏洞挖掘相关研究(文章位于issues)

binary binary-security websecurity blogs

You can’t perform that action at this time.