·¹º§ ÇØÅ·

 2844, 1/143 ȸ¿ø°¡ÀÔ  ·Î±×ÀΠ 
   gkswls123
   ´Ù¸¥ ¿ö°ÔÀÓ ¹®Á¦ Àε¥¿ä ¾î¶»°Ô Ç®¾î¾ß Çϳª¿ä?

http://www.hackerschool.org/HS_Boards/zboard.php?id=QNA_level&no=3338 [º¹»ç]


centos ¸®´ª½º ȯ°æÀ̱¸¿ä hint´Â

#include <stdio.h>
#include <string.h>

int main(int argc, char *argv[]){

        char buffer[10];

        if(argc!=2){
                printf("no...just do it argc==2\n");
                return 0;
                }

        strcpy(buffer,argv[1]);

        if((buffer[0])=='a'){


        if((buffer[1])==' '){

        if((buffer[2])=='a'){
        printf("\nSuccess!\n");
        setuid(505);
        system("/bin/bash");

        }

        }

        }

        printf("read catchme.c\n");

        return 0;
}

ÀÌ°ÍÀε¥¿ä ±¸Ã¼ÀûÀ¸·Î ¹» ¾î¶»°Ô Ç϶ó´Â°Ç°¡¿ä?

  Hit : 3380     Date : 2015/01/08 02:39


    
cd80 ./catchme "a a" Ç϶ó´Â°Ô ¹®Á¦ Àǵµ¿¡¿ä 2015/01/08  
skyclad1975 ¹®ÀÚ¿­À» ÀÎÀÚ·Î Àü´ÞÇÒ ¼ö ÀÖ´À³Ä¸¦ ¹¯´Â ¹®Á¦³×¿ä
¿ø·¡¶ó¸é ¶ç¾î¾²±â°¡ Æ÷ÇԵǾîÀÖ´Â ¹®ÀÚ¿­Àº ¶ç¾î¾²±â¸¦ ±âÁØÀ¸·Î °¢°¢ ´Ù¸¥ º¯¼ö·Î ÀνĵDZ⠶§¹®¿¡ argv[1]°ú argv[2] ¿¡ °¢°¢ µé¾î°¡ À§ÀÇ if¹®¿¡ °É¸®°Ô µË´Ï´Ù¸¸ ¶ç¾î¾²±â°¡ Æ÷ÇÔµÈ ¹®ÀÚ¿­À» ÀÎÀÚ·Î Àü´ÞÇϱâ À§Çؼ­´Â " "(Å«µû¿ÈÇ¥)·Î ¹­¾îÁÖ½Ã¸é µË´Ï´Ù		 2015/01/09  
4narchy_gh0st °¨»çÇÕ´Ï´Ù. 2016/11/05  
2844   hack the box vpn ¼³Ä¡°¡ ¾È µË´Ï´Ù[2]     jyk5350
 07/16 1853
2843   ¿ö°ÔÀÓ¿¡¼­ ½ÇÁ¦ ÇÁ·ÎÁ§Æ®±îÁö À̾îÁö´Â °úÁ¤¿¡ °ü·ÃµÈ Áú¹®[2]     junhee329
 04/28 1582
2842   ftz Á¢¼Ó °ü·Ã[1]     pk2861
 04/01 1963
2841   level8ÀÇ ÈùÆ®ÆÄÀÏ ÈѼÕ[2]     MunHue
 06/05 2187
2840   ·¹º§1ÀÇ /bin/bash ¸í·É¾î....     MunHue
 05/15 2339
2839   ftz level4¿¡¼­ finger¸í·É¾î     krimson701
 04/20 2454
2838   /bin/bash¿¡ °üÇؼ­[3]     MunHue
 04/19 2536
2837   FC10 3¹ø ¹®Á¦ Áú¹®ÀÔ´Ï´Ù.[2]     tjdalstjr938
 04/02 2562
2836   ftzÀÌ ¾ÈµÇ¿ä¤Ð¤Ð¤Ð¤Ð¤Ð[1]     ersd145
 04/13 3216
2835   fedora core4 cruel Áú¹®[4]     vngkv123
 03/29 2664
2834   Fedora core4...[3]     vngkv123
 03/28 2675
2833   lob evil_wizard...[2]     vngkv123
 03/27 2328
2832   lob gremlin....[1]     vngkv123
 03/22 3704
2831   ftz level11 Áú¹®[1]     vngkv123
 03/19 2388
2830   pwnable.kr passcode¹®Á¦ Áú¹®...[3]     vngkv123
 03/14 2398
2829   ¿ö°ÔÀÓ Á¢ÇÒ ¼ö ÀÖ´Â »çÀÌÆ® ¾Ë·ÁÁÖ¼¼¿ä.[2]     ¿À¼Ò¸®
 02/23 3940
2828   ¿ö°ÔÀÓ ±â¹Ý Áö½Ä¿¡ °üÇÑ Áú¹®[1]     salangi11
 02/22 2286
2827   ftz Ç®±âÀ§ÇØ ÇÊ¿äÇÑ Áö½ÄÀÌ ±Ã±ÝÇÕ´Ï´Ù.[1]     read1516
 01/13 2700
2826   Lob[1]     km1434
 12/20 2482
2825   FTZ level4 ½© ¶ç¿ì´Â ¹®Á¦      kimstz0
 10/09 2910
1 [2][3][4][5][6][7][8][9][10]..[143]

Copyright 1999-2024 Zeroboard / skin by Hackerschool.org / Secure Patch by Hackerschool.org