ÇÁ·Î±×·¡¹Ö

 3206, 1/161 ȸ¿ø°¡ÀÔ  ·Î±×ÀΠ 
   ghjk645
   ´Þ°í³ª ¹®¼­ ½©ÄÚµå

http://www.hackerschool.org/HS_Boards/view.php?id=QNA_programming&no=6623 [º¹»ç]


´Þ°í³ª ¹®¼­·Î °øºÎÇÏ´øÁß¿¡ ½©ÄÚµå ¸¸µå´Â ºÎºÐ¿¡¼­

1.push $0x0
2.push '/sh\0'
3.push 'bin'
4.mov %esp,%ebx
5.push $0x0
6.push %ebx
7.mov %esp,%ecx
8.mov $0x0,%edx
9.mov $0xb,%eax
10.int $0x80

1¹ø°¿Í 5¹ø° push $0x0À¸·Î NULLÀ» ³Ö¾îÁشٴµ¥ ¿Ö NULLÀ» ³Ö¾îÁִ°ǰ¡¿ä??
¶Ç %ebx¿¡´Â '/bin/sh\0'¹®ÀÚ¿­ÀÌ µé¾î°¡ Àִ°ǰ¡¿ä ¾Æ´Ï¸é ¹®ÀÚ¿­ ÁÖ¼Ò°¡ µé¾î°¡ Àִ°ǰ¡¿ä?? ±Ã±ÝÇØ ¹ÌÄ¡°Ú½À´Ï´Ù ¤Ð¤Ð
  Hit : 1594     Date : 2021/03/24 07:50


    
±ºÀÎ 1¹ø ° ³ÎÀº Ǫ½Ã ¾ÈÇØÁ൵ µÉ °Í °°¾Æº¸ÀÔ´Ï´Ù.
5¹ø ° ³ÎÀº int 0x80 (sys interrupt) È£Ãâ ÀÎÀÚ.

%ebx¿¡ "/bin/sh\x00" ¹®ÀÚ¿­ ÁÖ¼Ò ¸Â½À´Ï´Ù.		 2021/03/25  

Copyright 1999-2024 Zeroboard / skin by Hackerschool.org / Secure Patch by Hackerschool.org