From a742590786e0f7b8c0597008fe3f71265f1f1013 Mon Sep 17 00:00:00 2001 From: Niklas Baumstark Date: Mon, 16 Mar 2015 22:34:17 +0100 Subject: update README --- README.md | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 7f18790..0dcc28b 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,14 @@ ## Building a libc offset database -Fetch all the configured libc versions and extract the symbol offset +Fetch all the configured libc versions and extract the symbol offsets. +It will not download anything twice, so you can also use it to update your +database: $ ./get -Find all the libc's in the database that have a given name at the given address -(only the last 12 bits are checked, because randomization usually works on page -size level) +Find all the libc's in the database that have a given name at the given address. +Only the last 12 bits are checked, because randomization usually works on page +size level. $ ./find printf 260 archive-eglibc (id 2.15-0ubuntu10_amd64) @@ -22,7 +24,8 @@ Find a libc from the leaked return address into __libc_start_main. archive-glibc (id 2.19-10ubuntu2_i386) archive-glibc (id 2.19-15ubuntu2_i386) -Dump some useful offsets, given a libc ID: +Dump some useful offsets, given a libc ID. You can also provide your own names +to dump. $ ./dump 2.19-0ubuntu6.6_i386 offset___libc_start_main_ret = 0x19a83 -- cgit v1.2.3-54-g00ecf