From 38de261934e4c9b86230d96aceb45fe8a71b976b Mon Sep 17 00:00:00 2001
From: AceVest <zhaoyanbai@126.com>
Date: Wed, 20 Jul 2016 22:01:51 +0800
Subject: [PATCH] add 0day 3.2 shellcode

---
 .../UserInterfaceState.xcuserstate            | Bin 16535 -> 15476 bytes
 learn/test/overflow/0day.3.2.asm              |  20 ++++++++++++++++++
 .../UserInterfaceState.xcuserstate            | Bin 56467 -> 56467 bytes
 3 files changed, 20 insertions(+)
 create mode 100644 learn/test/overflow/0day.3.2.asm
diff --git a/learn/AcePlay/AcePlay.playground/playground.xcworkspace/xcuserdata/Ace.xcuserdatad/UserInterfaceState.xcuserstate b/learn/AcePlay/AcePlay.playground/playground.xcworkspace/xcuserdata/Ace.xcuserdatad/UserInterfaceState.xcuserstate
index cdb9f75acfe75bf146c2611e280875e593781128..ba649d1f6a0ca166f8e94b340263043004708176 100644
GIT binary patch
delta 4818
zcmaJ_d3+O9*UshM?0Y83WHQ;>WRl5bl1$PK5GYs>*>_q5EL&wQTUljEE(n64C_yL)
z$kNItAJ(#ppeP6kyvS-Th%6P6ec#b9ZSj@w55D}7$-TdM&V9~v&OCE|S%AUaaUYrx
zx`A$fMESwkvK)1tSYOx=7QnY)e^>}dz>#n=jKMgZ2aDlCxCAbRE8t342ET;ma3kCV
zH^VJ(E8GV6!hLW*{1H~bUtlFX1^<MX;T3olUW3=+4R{mYf`20s0;mqsAw4o67fL~4
zB%lb2qWY*2%0@Y;De8zi^+BCcAJiB1Lj~w9)E^B%1JNM#HkyoLXexRK%|J8J`{)C-
z2z`PUqa|n!T8q}9&(V7HKWGEmj=n}a&`$ItI)DzML+BS&iB6%@=vQ<G{f5q>tLPfK
zUfvBZm8NhlD({rayH7}qX7a9xP&a*&%-y)4m#F%aHzBKTBta>!61h1;dKVQH6zR}W
zQMxEYbW3zQk*#tj>Z?X41YbcpsotoO)ZSEnoNf$&B{9)wNeK1;LKuh>`SxMiqK(i7
z?a%?8&;?UqDs)3nyi5Fc{BHby{9*iY{Av6z3`7{zi5DLODv=VXfe2`!KQ4-Qjo(Rx
zeC-pb9Byf-W_>U5mvdy|FNZwg@)t?#*6ck>XdGjt4QqZsNyMDv62o0`keARqnkCvt
zWr<hPREc&e%EVQdJkclIK@MA2---b!-<jg8BkNGRf{APHX|Ht#JC}>p@oFw2xkw>W
z!aUeh<Sl{S;2W?z?16y<11SbF4CE#7O_&dR!QL1sFwkMp2!nQUZ@w-wam!;%Y|&d2
z*FEoY1K=Q$cR3u0fpR$<jDb4teKF7Bwa2USb)9M$S21R$2#!mh2|9x=pex9Y4~ZAX
zhsKAM!13^H5d)GWG#F?TPH)O!4Br!ZSHmeumF;j^QfUXA0i77=lM>&>fJo|m9|KeT
z;c7Sw&W7*958xd5A^Zr=#el@Xg@FeH7J~=|85q>Xp#J}5x1g4tAzwE*$*xu6v6q)E
zuH7?MORZd9yD;bLhCRPQn|SEA*DHZ*Mcz_a3O|FZ;A*%A0}BQe238Dc3~Z%v9sFFx
zi1xz`7}zmz#GAxl#lRW&CVDI8C#pDm>?`<fGJ@z^(Js+<qVGk!<MrdO#2dsL#v7Hw
zUGTda@E#0OFi5QhyW?JWlO5Ha-JgE3vupa9cL|gJDd_=t<fW01!ecd&PbMqHVBoC{
z?Ry^jc;STk-6janADP?<nOQH!Jq^!S=lm-?1Al{O;W-Ta7;qQ_FyJu=mck3LswVg!
z7=$ng*Txo}=j;f2V(>P6_)=<*;Nu$fGYp~_q}8I+pEEmgbK8s_6Vjt;X-RVFnHiJ1
zO~}a1s`mmt1d;q@v5^8Pld=2Olp_;^tlHqoa?~h#bj)9gyy~>GGBf{C5fO;0&i17h
zM%I5TT<_lsCw7I1SSn&)O2v=3>NHUhgI6$UP|Kv@b0$Z;_r7{#LOmhLrCwTQGRa6r
zwS)b)wkQo{io7dOI!d;4HU>>rpe&SZ>l_ST`?s@INrOQ(hJiujM6YmX<*T)A{A%^X
zt9RHEr^2bRW~kNwpI~d$rlugt7H*0`vllfpR^{D2c)domh!FX&W?fMCWJuH%<)S>)
z4ZVRua|~X`paljkF=$nadZ3;nrp`^&E9n!hF=&&FS%pE{=Plxlr1lt$MvA<jp&_Uc
zdeAU59J(=Rk3q+zfnv}ZgQT&EK0`%l6dH}jps{Ei26?#JGx}oCAA@9D7yT<lwGNYN
zQ}2+k%dIh>YRkMFF)OFk?sv-9^?bhXQNCNd*Ck)~ue~0OlFHe&`?)Xfzmi6T=Ae1i
z=2_b#FM5Ej1bvL=ix^alK{pKEh&REYdtzdmM_7thCL!okv<xjrD=_GZ!J8Q5W6-Mv
zm7r1)Q|%Z@%k5JQsr8GFi8VTZqE)&%^aa{f4X)MqMRi-1pv`DY^1N*r^uwT_8vIsb
zPI@@>4ch%uihIxxNyt7724FC-8ZszxHJuawgN{|7av1%Dj-aC$48fofgP|A<D?!K6
zi6rD_42EMcq8c)?rgpUycV#%k=p4HE(ggoNmy+nq7>vSTbTxWRLYpbX&@FVkOQ%u2
zM-{|@NG760siHvgbzEPR4I?lMHifNWZt`W+H#xfWheO~{I6OJJEQDXc9q=Ih5Bv!p
zg~#E^<akn<98Iny$C4Y#k>n1%2Oq#kNQQV+n4BhdCZ~maVy)OBrp0!#Q_PCf#0|tv
z#Vy3Kj^cdrNbxA~81Xpq+v17h$>O+piufJz0`WreC*mdIPsPi{E5)VaRpK?`b>eN}
zgW}&MCJ8Ial?;-MmrRq)m8_AhldP9)kd#TvC7UE$B-<q0B|9YFNKQ&BB$blWk~5OC
zlJk-($wkQ}$z{n^$#tn-%1IkaTS@y!3uDr0(xuXk(tXln(zDWY((}?P=`|UYDP*L~
zBlF4pGF}#v39>v{foy<mkgQNPOg2I`MmAOUo@}=41KEeN1+s;*Ph?AEpUMu%F36t9
zkz6X5%awAA+$Z<T1M;9eERV?3<Qej&^4H|A%UjA@%iGG^%R9<D%X`aXh4LBl#qzE4
zlk)QlkwUGoD69&b!l7^}QWZf(SP@aADKZpUih7F9iV2FDiW0>^#R<hZ#d*aQ#a+cS
zWgR7{<dpT4t(60mgOo#*LzTmoBb6n}^~x`m8<m@tTa|m1KPgWtE0mSW)5<F4Mdb~Z
zMn$Nis%%vgRZdLROw~r!PL-!BP>oPcP)$<BR9JOMbxSQ(tJJCLfV!)?yL!61T>Y(j
zpZd7^q`E>~slK58Q+-|iK>b+#RQ;F6tRXcXjZfp(@S2cD(Bx?fGy^n)G=-XBnh~1G
znrWJMH8VA{G;=lcH1jpZnnju)G-ovTHGgaCXk$n#(GuEJtw-zCvRY2dYeQN=o2_l4
z&Cxc~HrKY$w$irIw$t{|4$w~3F3^^1k7$3@KF}eZTBp_Nb%f5ObLd>URGmlX)v>x9
z-5}jK-7?)8UAb<%?kC+*-ErMXU4^bvcR_bicS(0y_dxeZ_eA$hFV<`HbWCs8JM}60
zf%+Bt4f-;Dxqg#=r+%0Id;K2$ulmdSEBdSY>-r}KWRMtS28BUoFd0Y#WuOgqgVVqo
zqK1ZsE`~ma!G=P^FvAE#kzt}?vLSAmVtB_e-B4oKWvDVdBP4{BkP~KtB51-vxQJ9D
zlc-BHBVH$BEr~WnJE8+oKnx{{h|$DYVmvXOm_@u#%pv9x^NC_&5wV)sPV6QQ5tYPm
z#5v*uaf!H0TqUj(4~@X6Fj7XBF=!NwQDcTN%UI9Y#@N-^-PqHZZ|rRxYAiC2HjXt;
zG)^|gjZ=)XjUO9V7*`qB7}puUFn(#=7&C4*?lT@So;N-)=}o*TWD-nKQ@W{*sjI1{
zX`pGgso1p0wAi%Nw9K^0w8gZ|wB5AB^o?ns>5%EL>4@o=>8$CzsmgTGbjNhh^uYAU
z49p5MX{OAy*>27>*EQESH!wFcH#fI5w>Gym=bEv3y7>$9HuG=hDpEnlNYYB$NGF*>
zx=EglkZEKFnMF1wTac~DHe^S#Guf5QBfF7($YJCtatt|+oRkD%aw<8STu3e>SCA#-
zXXJWv16f9vlbgsB<ewImg|hILkVUXWE$Nm_OI=HSO9M+IO9x9QOBYM7rJJR@rKcs|
z(%aHEW+|}5Epsd@En6%<Sk72(QyR)m)u(c(rqpXxJE{lOml{Zoq>8A~)MP3~Vd_0<
z7WF<gpISgIq`s#1Qzxkks**ZQouSTB=cyaiE$R++k9t5oqMlICtVU~&wU2eWwb)u}
zU2R=!U2olBEwg@a{mFXFdcs;^ja6DtTdS<MtoN-Ct&gpL(}0Gwn3m8w+D^OZRGOiE
zw4ctTv*@~XeYykvCf%FvOTR@Apa;=o>9^^Lbd1LIRQf|YL4Qma(~IcEbO~KXZ=^TV
z+vx4|4*CcB5Pg_FLLZ|~(C6tt=s)Qz^iBFUeV4v(lgDfZo73j8d2OsMXbamSwlrH4
zTT5H6t%vPRTQ6IIt-o!cZLn>!?X2yIU1rzY3A@Qo+9`Xg-DCIJIXiC;*<0AV+sE1G
z*o*D!?HlZ6_Hz3s`xg5)`*!;d`?vP*?R)G;?Z@pW?G=t}M{7r0M|(#{$5zK4$6iNl
zzvF;2-Py#M<80<^?kscebbjmn&biwqxEi{$T}@m$uBEPZuJx`Bt}@r76iJFKMUkR*
zv+fLcmb;$2fqT1qw|lR9zx#l@!hOzN<^IEc*?rA@-~Gt_)cv=ojt6-fdIotCp07Ro
zJqJC9Jx4t!JU@G?JQqEeJXe?|F{Uk(%XDM9Gd-DnW&kso8OjW2Mlz$ANzA*<Jf@Uc
z&8%fUXErcpOgXce*~;u^4l;+Cqs$4Wf;q*UVa_oZn48RP<}UNVTi_k(9pxS49q;|!
zd)s^0d*A!WH`q7MH`O=YH`6!UH^(>Ex5T&1x6)VYTjg8p``j1X>$~oI%93n0`#Rg6
z&1L(s!`KmQ5j&b4%Z_K?Vc%unV`sA;uphArb}_q}En|1G``H8RA@(qPggwTdVb8Hu
z>_zqxdxgEm-uH|AGQY|1^1J<Bzu(XM!~XjIhW^I>SN%=>&HXL>{rt213;i4Yr~SYC
zZ~LFdI5}tJ%$$X@ayHJv`8l2oa}h3$%jD{EO}MsP9#_B(=SFg)xG~%~?rm-wH-nqS
zz0b|z=5q76CERCRIk%JB#qH+yazAp1xC-tRcZNI5o#%e%{@`wM&jPZ5BA^Or0=j@9
zU=O$g?f?_;1-Jko$Oyz52U-Sl13d!yfj)u$fkA=7z_7r?z~n$YFg0)>P!XsMoDTfP
zTX=>S_%uF~ug5pwv-y^M8@@f?k?+js^4<78{9t|@Kb4=(&*W$GbNIRZ5`G!Kk}u^~
z@oV|d`Mvyg{%Md5W(Qvnb`16i4h)V7jt@=@#)4B~!D+!6!H<K*!B2uqgUf>@!BxRE
z!Og*~!LNclLS)Dj@`l(@AT%pf99k4w9Qri$I4ljz!^*HGJTN>a91BkgPYcfo&kD~A
zF9<IRFAjeiULIZ>E)Q=H?+YIZ9}oW=t_=Sgz8L;9d^LPMd@FoM&<GhqjxbmlB}^1z
zGljXr$3n62iLg{yC9D<J3mb$lg^j`v;h^w~a8bA++!pQ$4}~WY6p=<05miJR(MPNi
zUnCM~6lor58EF$~AL$h75y_AAiS&!~j|_~w6ImD87C9HW9Jv#D8kI*4QB%|srK66h
sFUm!O(Qq^xO^-H=z7}ogjrNYd6&+IZ=ZvUMo!Tq9Q+xgAJ391#0saY=`~Uy|

delta 5054
zcmaJ_d3+Pq+Ro`Ylgwn#WRgiTNt@DS+Gd$dnxs$xL4kr;HVcJXYA8^km$JwXZAp$S
zWtBoK1q1{vn~1WAC?JS{$OnkX6~T=~1Z0;*P`U7>jd0-)Z~n;q&O7tG%k#eHne&_5
z<LWS|F(85_^mEObVCKd)s-#FS*c%RlW$<5cFf4~7;21a-PJ)x+6u1yBflJ{E_%>V(
z*T8q-dbkm8f*-=Ia68-q{|_F7hu~rOB|HMZf=A)k@H9LF&%&SKIrs}a4==!r@OO9@
z-h+R@KjB~SKKu`SfRspu)JTJDC>f<7J4%h9CMXR#kP`(^5QR`1)E2#j@=<rx0~MnZ
z)E5mv1JP(S28~5i&{R~7rlIL*2AYXxq1k8&T8>trRcJL@hu%dS&_?tL+KG0dPthTC
z7=4M3ps&zT^fmekokFM48FUq0L)Xy_bRYc(JwOi$384T)5&;Pfp(S*i{cx$Q3E%H~
z<>@9x75;!2^4N0%fhsbsb!i_-!>_O+%b%4KyCJ`#db#U}VZ%#Dj4CS~sU>3P6-&Ut
zn9kQOW>1#JYE!J6FDgG!Q;#3oyn<^DDDDv^cG3DQl42l>xopGQKn_}=4JN}BXosn=
z2~2~I=*{Tu=<m^c(Lba2qYp5UV333XiY_<?loAC{0SVB+%%~(<5WN-FJ{dYA_F^&>
zo22X<%ScX>1sWf@8^g+hG10D!wN9Zx+2cg_^RCz@aZA6)mSxF~SPMG^20XTyQ_^Ma
z8@)V?y(M&wz2Z~G-m)vmyapQvAhyxoo$Quaz|E@E^dzz%u_9tE(x&7Vf}P7Hs%TO?
zbqOVrOBApe_LcDU@D&(_eP9U&BnA`)atsvpupjIXOW^<vlo-$$yo5o&C?D2l$67nA
zv1vL>tfiycH3SZm@XO&)3{=bEa11n2{z+O!C&H`4+Wf{U0#2iI9IT4R1l>UoPyl*H
z%cDc0L!-m$;Y1jbI6-d=v>51OL!GI^rouTAehsXK)8KSC1I~oA;B3fYpvS;~0gHhd
zgZR>hK}z)I8dwA8!g(+T-+;AnK8)|MR191g1TbiUL2C?Nz#tEU&QE8!IFTU})((Em
zbNh5ntUGTbmnZHSAGJ)eDq%2%wNJH4u`Xe^gtbpKl-!W8TjLJ8Hq3xxOTv&G);`r$
z#kPdq9@Y+fA`4H`Pv9O2zY^|*yWppAH~b8PCK#k);K0C%LHy2MxKHAg9DrY7kd8q{
z^ttHs7-YtN^L39sNH1x644!Pj{~LY-kHc@_2@KpAcrfr{AYkBI3BQBiH{yT7K*YeG
zz-Rr9Z!5K2k`(a2#1?1Rn*Iu}H@Lb4FT*SFD!hh45Q7i~*%&m%pxH`z1OC?N>NW;B
z7(A13)%=mGLd$6@eSBJBh3K*S1OBE}Ju9-CdhBA=qfvZ_i2vyyNs+9<KZ;LhOAMY(
z_-_^EV?Si3H$z%vjKh%*(MXRN6rYdhFo<)}27|U3v|EW-WNL)R2PPMT_6c~0N9jeZ
zhx3m9LG-Q&W`&x?GYkgBs=|s;cGH|Eazs4x{O=sSNND6B-j0qKyqE}*8RgTS`^0jZ
zqptnftD*j!V6#VMqioco!Da40wivbiZ;Lzqx5bS<nRB~e+q(U422nfoVr)l-DT4A)
zr^ZsdV$cPHu8AzVH6r4Ys`zy1laiVc(kH7dK!p;11?q`<VUUkOj}_=;RD?lK3|@X}
z@1Q=3sqG%twi{4ZUiysB=j$=DG`7p$jzXo0dj+vm?&l(d(9nh=|GCCtX!s-E;z0|a
z<c&Gk>-M2*jlB6q|6|_9p^0&qXgr#LDo`b=!XTbvTs(>~cm;#-N)$m+i8JX2niLna
zJ{Xk5eV)UhZ=&Iz0li;GwGw_6nuBVf1I<G*7~fX?F^KCO!e9^v|BB1}Dl{L}p#^9m
zT7=%jpd5p^#Er$E0)q$!)lajrEKzZ3Slctchdaeof>E(DVH+6M7B|`|1S|PY!d4cS
z@PXv}iN)Z*^;|D(LR%XYIYHHv`<<^xAEA#WPP83^As7se#^-xj>@A-|*o{7qL(pev
z588|NVel#jBQO|=!Kiw)AAKQlHmJjB48}A-8nhuM9787>APM%K<Stx~PNMJPQGUQ+
z90ubXAQNJnM4xaLUHHeuE}~!KkjofUVo=opnHbafUBYkZ_l77p(Jgcv-N7J=0mk4p
z3?|j1yXamV@+St9F__W-nHo>5Dt6AF;v*12{Zm1NoKQ%dgbIUc7))=#&4^`Xi4lS!
z3_bEkm5eHl0tqQGOPWaBl91#XNh??wf4P;zQ7{6h#$O?`;hgvjVm@2|7sUnjMErns
zJAOF27e5%?j~|L8C@C%>dSr;pg&A@2!%+%KMPmF6R2%2^eEfi7BbpMei8e$#qCL@-
zC?fh3<;1H*WCBr5EFu;YONnK~3ZkA^MXVv-A>Ji+5xa>!#6Ds_aez2T943wsM~P#^
z8RE87C2c9~Dve0zNta94OSegnN{>muk$x*ZDg9phqx6*YjPz&eFVYLr2QrB)Nrq%n
z87Y&?lrptUE2CwM%qYu|y(BA@jg-xh)kb9NWuMD_klm2|MUo^%%1I?@Al+mZ*^0~~
zyO7<;?qmVki;R-9$r^GVSxeTD3(2MAI&u^F0r?^M5xI-pP3|H0k^9M8l!8j5Jd}^}
zQvs?q)rIOt<x@SVo>U=KL={uz)KF?THG&#NjiJU-6R1jRIu)s<Hc)%1)6@gGT%I8h
z$y>{xm$#MY$~(wA%6rIr$_wR1@?v>dULvoQzb)S=KP0~`|Br%F$Q62pO~EVNiq?vJ
zMPJ2e#au;9QLCs^EL6OyIIK9X_+Ig&;*{cy;+o<Q#X}`fLM5TpDrqIBd`8(y`HFI|
za)@$RMER<6ys|<$Svgm^M7dhIR=G~OUd5{Hs%%wrRX5ekswt`&sx7Lss_Uw|YN#gE
zGBu^9)h4w~&8sujZnan4PMxdHR~M*zsf*Ob>ae<6{f4?uy->Yay;QwSy<Yu+`a|_c
z>TT-X>OJax>iy~i>N^^h#;FlBeoZ8x32C0!bkpQ(dT4rT3N=NVVog{xR5M&NLNiJ;
zMl((`K~t%jsF|s$(`?dwt~slfXq8%C8_>4UKC5l5eO}vE+ezC++fAFV?V;_d9id&Q
zU9CN$J)u3Ty`+7p13IW9bTS>Kqjd%yt266(U53u3^XP)Qmb#7+U7oJ9uB&c=?x^l3
z-D%xf-8tP=-3{GM-ECS)n`sNp(Kgye2j~#pl+K}>({1Tox&z&j&Z9fiJ?Rp<oSsb2
zr5DkQ>812CdIi0XUQfSIZ=^TVTj*o-4ZU9P(TDWe`eyoe`VRVz`cC>T`fmDC{XqRF
z{aAfuyuMODQ6JU6p<kk3p|97k(y!5P(Qni5(C^gm(eKmm*B{V-tG}ebrN7TmjGECh
zG{Z7xhGT3@IwLYUOb4b5)0+u1B}{*205gcGWTr4Pm|4v0ObxSyS;5pZtC)4ndggs*
zBeR{^%N%8nGbfnum{ZId=I03W3v<^XG3X4up|zpNP;3YrN(}uBm4+#XS%w9M?S}n^
z1BQc!!-gY<bB6PVi-t>vD~4-^yN3IQ2S$l8$*3{vjC!NN*u>~C^2Q9KXv{I@8ao&}
z8uN^$#(~B%<6z?u;~3+3V}-HGIMukpxW#zNc#&1JdNzlR<gzcYFS4E4uIx)}5!;9D
z%l2mnup`-V>;$%w#q1<@3R}%iW9PC<*|*u1>}vL1_C0n3yNTV-e!(7LkFv+uZ`dE$
zpV-svS@xU>nM|hUrVgeeQ?V&*Dlzplm6`^c%1nbzLrhWAYo^JjsitYB8KzmL*G)C1
zc@fharuR)dO<$YNo9>uZ=2UY_^GoJ3^9b`u^Jw!#^Gx$R^8)j7^9pmldA<2P^9J+B
z=56L3=6&YR&0m-=o9|f&i_Ah<6c&|5W6@cXEp|&2i^IZOGAu5O$I`|!!ZO#g#j@Y>
zZ_Brqla?PWKUq#&Zdx94NgU#2T!i8joSw6DPA;9x<OELSvbZ1@;#zTeTo<kz*PSci
zdU2)P0B#^x#znc=Tn#smtL5srh1@D`Ew_$)kK4d);&ySLaeKM_+yU+&cbxl~JI`I@
zE^}A8>)bu=p%qx6m9WaJjMZ%AtTt;CtHa7$Gpx-c*0$De)&grU>&w=#wZz)bT526>
zt+Y<JzHY6t&a>887h2!6F0pQ~(KgZ6(w1xMVC!hhvvs!hv=!QV+rqXITR+=GTa9hK
zZLjUH?X2yb?Y!-x?UL<^?V9a|?UwC#+aI>SlF4LwvNBnnJT7@ka&_|b<eAAglOLvl
zln6{AQp!`tr&Od=r9@ILr`${VGv$8D1ABk_tM-xh(e|<S)Ap<O>-OL5w^BQ&7Nr)a
zhEw~dzLUB&_2bm-sXNn7rkzi_n06`cs-xU7+A+>C!BOd$?wIGObu4ha=~(Jm?Rdwr
z-m$^4*|EiO&B;02I)^wXIIEmd=OpJ;=d_5k)>-FV=v?f)>3qnOyqs6^YF^8mc`Kj7
zr}AmMlNb1Ad^^5?FXVgkVZJY4$`9fP^F#QFJmx3!)%*;8HebWX`1$+-ekH$}U(3In
zZb?s1&rElx3+c7#E7I%JSEaAb&}3LMk~8cXX&G}e7H2HYSeEg2W<;LJW|}j(%;e1K
z%r`RUXD-Nm)1`7*TuxVp%k2_eepk@d%JsafovXd;1y`P{v#ZQi<67$a*mcHr$#v89
zhg<5_xfwU>wzzF>yW8y++<te!9db8wKjZG<u5{0EuXG=FA9tU1Uv}T~K#$Zzd6XWF
zhxXV!_J}9V<MgC^Tpo|7y=SPW(o^Tz<@v(%wdXs}1<y^-9nU?_U!DhE;8l7xUfRoe
zjb5{t^E$kKZ*y-4Z@#y{Tj=fW4SV}~hj@p3M|wwl$9gAtE4_8zo!&#<3xY;42~NQ$
zv=G`09feLpS0P_05K4sp!a$)+hzu5n3d4o*!fV1DVUe&zSSGwJtP<7=9|&88ZNd&=
zr?6YtBODS=3g?9L!bRbda7DN#{2|;I9{PX}`lLS6r}No->As*Z$JfHw%GcJ{-q+EW
z=PUFT`HFpgd~1ALd|Q1V`*!&5h)JSK)QWo1D4Ip9m@c{^qF3~ZelaL!i><^CVh^#8
z*iRfFmWk!!FmZxdB}T>9#K~f{I9;q44~i$n+kUIx>G%0_{JH*oe}TWy-`gMd_w|?h
zNBBqk$N4M#6aCmf*+11E^Vj<8{EPgzvp^QiBC^P=L0O}-#%7Jrs?7Q}>s;3PtczKZ
z%YocLexP?C9OxS;4Gapr8W<HA8yFv`3``7E2WkQf0xJXW1vUmg2y6{(3+xGe9yky<
z82B>qRp4@v4%&kqg583J!2!Wx!4bjH!EwQg;N)O+a7J)ea87V;a8Yn=@WbGq;Gy7=
z;Mc)#f+vD!g6D!4g1-i@1g{0}hERD(9pXZcP<qG}@`l7vPN+qwRp_};+fZ((Bs48F
zKeRKnKlD}TWaxb8dgx~8PUv3fuWXbp%a&&=vo+beY)f`pwkP}9>^9jiG=5)_Bqb%T
NgfVe_^q>9W{{zw1xqSct

diff --git a/learn/test/overflow/0day.3.2.asm b/learn/test/overflow/0day.3.2.asm
new file mode 100644
index 0000000..4fdea7c
--- /dev/null
+++ b/learn/test/overflow/0day.3.2.asm
@@ -0,0 +1,20 @@
+; ã0daypå®å¨ã3.2 shellcode ä»£ç (nasm)
+; 2016-07-20 22:00:21
+    ADD     ESP, -0x80
+    MOV     EBP, ESP
+    XOR     EAX, EAX
+    PUSH    EAX
+    PUSH    0x74736556        ; 'tseV'
+    PUSH    0x2E656341        ; '.ecA'
+    MOV     EBX, ESP
+    PUSH    EAX
+    PUSH    EBX
+    PUSH    EBX
+    PUSH    EAX
+    MOV     EBX, 0x77D507EA    ; MessageBoxA
+    CALL    EBX
+
+    PUSH    EAX
+    MOV     EBX, 0x7C81CAFA    ; ExitProcess
+    CALL    EBX
+
diff --git a/tools/AceBox/AceBox.xcodeproj/project.xcworkspace/xcuserdata/Ace.xcuserdatad/UserInterfaceState.xcuserstate b/tools/AceBox/AceBox.xcodeproj/project.xcworkspace/xcuserdata/Ace.xcuserdatad/UserInterfaceState.xcuserstate
index 8170e0dfe90aca1974528f069761d04aa212a8eb..d764726221036a4bb0f24c0ddce46700cff8f091 100644
GIT binary patch
delta 33
ncmbQdlX>z^<_!)FY}#He)6D8NyEUwk0kLOI_TKzu&U||S<`xbu

delta 33
ncmbQdlX>z^<_!)FY?`GXW~J`m?AEYC2E?9SaBlOLIrHrS0&Ng1

-- 
2.44.0

