>LC_ALL=en_US.UTF-8 gdb -q [elf] >gdb -q [linux exec] >break main >break *0x565564e3 >attach [pid] >sudo gdb -q --args php -a Debug with php interactive shell >r (r means run) Starting program: /usr/bin/php -a [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". Interactive shell php > dl('lverifier'); Debug the php extension so file Crtl-c can pass the control back to gdb (gdb).... Set the break point at function or at the specific address. Use attach to debug the existing...

Trojan Source AttacksSome Vulnerabilities are InvisibleRather than inserting logical bugs, adversaries can attack the encoding of source code files to inject vulnerabilities.These adversarial encodings produce no visual artifacts. 只能說以後Coding Guidance真的要好好遵守了. 註解夾在Source Code裡面真的會造成安全性問題. 但最終的問題還是在於使用外部Library的時候要怎麼預防...真的難... trojan-sourceDownload