{"id":13395935,"url":"https://github.com/niklasb/libc-database","last_synced_at":"2025-04-11T20:33:02.795Z","repository":{"id":28830788,"uuid":"32354352","full_name":"niklasb/libc-database","owner":"niklasb","description":"Build a database of libc offsets to simplify exploitation","archived":false,"fork":false,"pushed_at":"2024-10-23T16:44:32.000Z","size":1681,"stargazers_count":1762,"open_issues_count":12,"forks_count":191,"subscribers_count":30,"default_branch":"master","last_synced_at":"2025-04-04T16:05:06.369Z","etag":null,"topics":["ctf","ctf-tools","libc","offsets","pwn"],"latest_commit_sha":null,"homepage":"https://libc.rip/","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/niklasb.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-03-16T21:33:42.000Z","updated_at":"2025-04-04T15:45:23.000Z","dependencies_parsed_at":"2024-01-14T10:59:54.972Z","dependency_job_id":"9e18388b-fb0c-410a-81c3-608237d928c4","html_url":"https://github.com/niklasb/libc-database","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/niklasb%2Flibc-database","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/niklasb%2Flibc-database/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/niklasb%2Flibc-database/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/niklasb%2Flibc-database/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/niklasb","download_url":"https://codeload.github.com/niklasb/libc-database/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248476363,"owners_count":21110264,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ctf","ctf-tools","libc","offsets","pwn"],"created_at":"2024-07-30T18:00:35.831Z","updated_at":"2025-04-11T20:33:02.773Z","avatar_url":"https://github.com/niklasb.png","language":"Shell","funding_links":[],"categories":["[*] System hacking / Pwnable","\u003ca id=\"683b645c2162a1fce5f24ac2abfa1973\"\u003e\u003c/a\u003e漏洞\u0026\u0026漏洞管理\u0026\u0026漏洞发现/挖掘\u0026\u0026漏洞开发\u0026\u0026漏洞利用\u0026\u0026Fuzzing","Shell"],"sub_categories":["[+] TIP \u0026 Tools  :+1:","\u003ca id=\"41ae40ed61ab2b61f2971fea3ec26e7c\"\u003e\u003c/a\u003e漏洞利用"],"readme":"## Web interface\n\nlibc-database now has a web service and frontend. Visit https://libc.rip/ to\ntry it out! Read https://github.com/niklasb/libc-database/tree/master/searchengine\nif you are interested in the API.\n\n\n## Building a libc offset database\n\nIf you're getting errors, please check the \"Requirements\" section below.\n\nFetch the desired libc categories and extract the symbol offsets.\nIt will not download anything twice, so you can also use it to update your\ndatabase:\n\n    $ ./get  # List categories\n    $ ./get ubuntu debian  # Download Ubuntu's and Debian's libc, old default behavior\n    $ ./get all  # Download all categories. Can take a while!\n\nYou can also add a custom libc to your database.\n\n    $ ./add /usr/lib/libc-2.21.so\n\nFind all the libc's in the database that have the given names at the given\naddresses. Only the last 12 bits are checked because randomization usually\nworks on page size level.\n\n    $ ./find printf 260 puts f30\n    archive-glibc (libc6_2.19-10ubuntu2_i386)\n\nFind a libc from the leaked return address into `__libc_start_main`.\n\n    $ ./find __libc_start_main_ret a83\n    ubuntu-trusty-i386-libc6 (libc6_2.19-0ubuntu6.6_i386)\n    archive-eglibc (libc6_2.19-0ubuntu6_i386)\n    ubuntu-utopic-i386-libc6 (libc6_2.19-10ubuntu2.3_i386)\n    archive-glibc (libc6_2.19-10ubuntu2_i386)\n    archive-glibc (libc6_2.19-15ubuntu2_i386)\n\nDump some useful offsets, given a libc ID. You can also provide your own names\nto dump.\n\n    $ ./dump libc6_2.19-0ubuntu6.6_i386\n    offset___libc_start_main_ret = 0x19a83\n    offset_system = 0x00040190\n    offset_dup2 = 0x000db590\n    offset_recv = 0x000ed2d0\n    offset_str_bin_sh = 0x160a24\n\nCheck whether a library is already in the database.\n\n    $ ./identify /usr/lib/libc.so.6\n    local-f706181f06104ef6c7008c066290ea47aa4a82c5\n\nOr find a libc using a hash (currently BuildID, MD5, SHA1 and SHA256 is\nimplemented):\n\n    $ ./identify bid=ebeabf5f7039f53748e996fc976b4da2d486a626\n    libc6_2.17-93ubuntu4_i386\n    $ ./identify md5=af7c40da33c685d67cdb166bd6ab7ac0\n    libc6_2.17-93ubuntu4_i386\n    $ ./identify sha1=9054f5cb7969056b6816b1e2572f2506370940c4\n    libc6_2.17-93ubuntu4_i386\n    $ ./identify sha256=8dc102c06c50512d1e5142ce93a6faf4ec8b6f5d9e33d2e1b45311aef683d9b2\n    libc6_2.17-93ubuntu4_i386\n\nDownload the whole libs corresponding to a libc ID.\n\n    $ ./download libc6_2.23-0ubuntu10_amd64\n    Getting libc6_2.23-0ubuntu10_amd64\n        -\u003e Location: http://security.ubuntu.com/ubuntu/pool/main/g/glibc/libc6_2.23-0ubuntu10_amd64.deb\n        -\u003e Downloading package\n        -\u003e Extracting package\n        -\u003e Package saved to libs/libc6_2.23-0ubuntu10_amd64\n    $ ls libs/libc6_2.23-0ubuntu10_amd64\n    ld-2.23.so ... libc.so.6 ... libpthread.so.0 ...\n\n\n## Requirements\n\n### General\n\nTo run these scripts, you will need following command on your PATH:\n\n* readelf\n* objdump\n* strings\n* perl\n* find\n* grep\n* md5sum\n* sha1sum\n* sha256sum\n* file\n\n\n### Debian-based (Ubuntu, Debian, Kali Linux, ParrotSec)\n\n* mktemp\n* perl\n* wget\n* ar\n* tar\n* grep\n* zstd\n\n\n### RPM-based (category 'rpm')\n\n* mktemp\n* perl\n* wget\n* rpm2cpio\n* cpio\n* grep\n\n\n### CentOS-based\n\nIn addition to the RPM-Based requirements, you will need:\n\n* wget\n* gzip\n* grep\n\n\n### Pacman-based\n\n* mktemp\n* perl\n* grep\n* sed\n* cat\n* wget\n* zstd\n* xz-utils\n* tar\n\n\n### APK Based\n\n* mktemp\n* perl\n* wget\n* tar\n* gzip\n* grep\n\n\n### Launchpad-based\n\nIn addition to the Debian-based requirements, you will need:\n\n* jq\n\n\n### Install everything\n\nTo install everything on Debian 10, run these commands:\n\n```sh\napt-get update\napt-get install -y \\\n  binutils file \\\n  wget \\\n  rpm2cpio cpio \\\n  zstd jq\n```\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fniklasb%2Flibc-database","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fniklasb%2Flibc-database","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fniklasb%2Flibc-database/lists"}