http://www.hackerschool.org/HS_Boards/zboard.php?desc=desc&no=1568 [º¹»ç]
¹¹.. ±Ã±ÝÇØÇϽôºÐÀÌ °è¼Å¼ ¿Ã¸®±¸¿ä
±×³É º£³¢Áö ¸¶½Ã°í ¿ø¸®¸¦ º¸¼¼¿ë~
±Ý¹æ... ÇÑ 10ºÐÀü¿¡ Ç®°í ÀرâÀü¿¡ ¿Ã¸³´Ï´Ù ¤¾¤¾
1¹ø¹®Á¦. Faked File
¿ì¼± »ý°¢º¸´Ù ctf¶§ ¸¹ÀÌ ¸øǪ¼Ì´õ±º¿ä ;;;
Á¢¼ÓÇØ º¸½Ã¸é È®ÀåÀÚ°¡ jpgÀÎ ÆÄÀÏÀÌ ÀÖ½À´Ï´Ù. ÇÏÁö¸¸ ÈùÆ®¿¡¼µµ ¾Ë ¼ö ÀÖµíÀÌ ÀÌ°ÍÀº Faked file ÀÏ °ÍÀÔ´Ï´Ù.
¹¹ °£´ÜÇÏ°Ô cat À¸·Î ÇØ´ç ÆÄÀÏÀ» Àо½Ã´Ù.
sully@ubuntu:/tmp/max$ cat 4minute_naked.jpeg
ELF>¢æ@@P@8 @@@@@@©ª88@8@@@ `` @@`@` TT@T@DDPåtd@@$$QåtRåtd``èè/lib64/ld-linux-x86-64.so.2GNUGNU`N£XñïXÒsäÎÔ\o¡Æp, '__gmon_start__libc.so.6putsputchar__libc_start_mainGLIBC_2.2.5ui 9à```Hƒè{è
--------------------------Áß·«-------------------------
(@call_gmon_startcrtstuff.c__CTOR_LIST____DTOR_LIST____JCR_LIST____do_global_dtors_auxcompleted.7382dtor_idx.7384frame_dummy__CTOR_END____FRAME_END____JCR_END____do_global_ctors_auxlevel6.c_GLOBAL_OFFSET_TABLE___init_array_end__init_array_start_DYNAMICdata_start__libc_csu_fini_start__gmon_start___Jv_RegisterClassesputs@@GLIBC_2.2.5_finiputchar@@GLIBC_2.2.5__libc_start_main@@GLIBC_2.2.5_IO_stdin_used__data_start__dso_handle__DTOR_END____libc_csu_init__bss_start_end_edatamain_init
lib??? gmon??? handle???
¾îµð¼±°¡ ¸¹ÀÌ º» ³ðµéÀÔ´Ï´Ù. ´À³¦»ó ÀÌ°Ç elf ÆÄÀÏÀ̶ó´Â °ÍÀ» ¾Ë ¼ö ÀÖÀ»°Ì´Ï´Ù.
(Àú¸¸ ±×·±°Ç°¡¿ä...?)
vi·Î ¿¾îº¸¸é
â¯Ã˜Ã¢¯Ã ^B^A^A^@^@^@^@^@^@^@^@^@^B^@>^@^A^@^@^@<80>^D@^@^@ ----------------------------Áß·«-------------------------------
...¹¹ÀÓ...?
¸¹Àº ºÐµéÀÌ ¾Ë°í°è½Ã°ÚÁö¸¸ vi µµ hex ÆíÁý±â·Î º¯½Å °¡´ÉÇÕ´Ï´Ù.
:%!xxd
»Ð!
Çì´õ¸¦ º¸¸é
0000000: ffd8 ffe0 0201 0100 0000 0000 0000 0000 ................
¶ó°í µÇ¾îÀֳ׿ä
Çì´õ¿¡ ´ëÇؼ´Â °Ë»ö ¤¡¤¡...
¾î¶µç Çì´õ°¡ ff d8 ff e0 À¸·Î jpgÇì´õ´Â ¸Â½À´Ï´Ù.
±×·³ ¹¹ÇÏ´©... ½ÇÁ¦·Î ÆÄÀÏÀº elf Àε¥...
Çì´õ¸¦ ¹Ù²ãÁݽôÙ.
0000000: 7f45 4c46 0201 0100 0000 0000 0000 0000 .ELF............
ÀÚ ¹Ù²î¾ú±¸¿ä hex¿¡µðÅ͸¦ Á¾·áÇغ¾½Ã´Ù.
:%!xxd -r
»Ð!
^?ELF^B^A^A^@^@^@^@^@^@^@^@^@^B^@>^@^A^@^@^@<80>^D@^@
----------------------------Áß·«-------------------------------
ÀÚ ÀÌÁ¦ ÀúÀåÇÏ°í Á¾·á~
½ÇÇà! »Ð!
ÀÌÁ¦ Çö¾Æ´Â ³»²¨...
2¹ø¹®Á¦ my nmap
¼Ò½ººÎÅÍ º¸¸é ´ÙÀ½°ú °°½À´Ï´Ù.
#include <stdio.h>
#include <unistd.h>
int main(int argc, char *argv[])
{
char szCmd[1024];
if(argc < 2){
printf("Usage : %s IP_ADDR\n", argv[0]);
exit(-1);
}
snprintf(szCmd, 1024, "nmap -p 21,22,25,80,6667,8080 %s", argv[1]);
// run devil, run run run
system(szCmd);
}
¾îµð¼ ¸¹ÀÌ º» °Í °°Áö ¾Ê³ª¿ä...?
system ÇÔ¼ö´Â Àú·¸°Ô ÀÎÀÚ ±×·¯´Ï±î ¹®ÀÚ¿À» Á÷Á¢ ¹Þ¾Æ¼ »ç¿ëÇÒ ¶§ Ãë¾àÇÏ°Ô µË´Ï´Ù.
ftz¿¡µµ À̸¦ ÀÌ¿ëÇÑ ¹®Á¦°¡ ÀÖÁö¿ä (°Ë»öÇÏ¸é ´Ù³ª¿Í!!! ±¸±Û½Å´Ô ¯!)
À̸¦ ÀÌ¿ëÇؼ Ç®¸é ¼³¸®µµ ³»²¨...
------------------------------------------------------------------------------------------
2°³ Ç®¾úÀ¸´Ï... ³ª¸ÓÁø ¶Ç ´Ù¸¥ºÐÀÌ...
ÇÏ·ç¿¡ 2°³ ÀÌ»ó Ǫ´Â°Ç ÀúÀÇ ÇÑ°èÀ̱⶧¹®¿¡... |
Hit : 7608 Date : 2010/09/14 03:42
|