http://www.hackerschool.org/HS_Boards/zboard.php?id=bof_fellowship&no=17 [º¹»ç]
[ȯ°æ]
- Redhat 6.2
- Dummy : X
- Drop Privileage : X
- NON-EXEC STACK : X
- NON-EXEC HEAP : X
- Canary : X
- Random Stack : X
- Random Library : X
- ASCII Armor : X
- Env deleting(Egg hunter) : O
- Argv deleting : X
[¼Ò½ºÄÚµå]
#include <stdio.h>
#include <stdlib.h>
extern char **environ;
main(int argc, char *argv[])
{
char buffer[40];
int i;
if(argc<2){
printf("argv error\n");
exit(0);
}
// egghunter
for(i=0; environ[i]; i++)
memset(environ[i], 0, strlen(environ[i]));
if(argv[1][47]!='\xbf')
{
printf("stack is still your friend.\n");
exit(0);
}
strcpy(buffer, argv[1]);
printf("%s\n", buffer);
} |
Hit : 2447 Date : 2010/02/27 09:32
|