|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
 |
  2840,  1/142 |
  |
 |
 |
 |
 |
kumi123 | ||||||
 |
|||||||
 |
http://blog.naver.com/kumik12 | ||||||
|
|||||||
 |
±×·³, Æäµµ¶ó ÀÌ»ó±Þ¿¡¼´Â ( ; , | ) ¸¦ ÀÌ¿ëÇÑ ¿ìȸ°¡ ºÒ°¡´É ÇÑ°¡¿ä? | ||||||
|
|||||||
|
http://www.hackerschool.org/HS_Boards/zboard.php?AllArticle=true&no=3315 [º¹»ç]
Hit : 2846 Date : 2014/02/03 03:49
|
|||||||
 |
|||||||
|  |
| |
| cd80 | Ȥ½Ã system(argv[1]); °°Àº°Å ¸»¾¸ÇϽô°Ÿé /bin/sh ¿¡ -p ¿É¼Ç ³Ö¾îÁÖ½Ã¸é µË´Ï´Ù~ |
2014/02/04 | |
| kumi123 | À§¿¡ Ãß°¡ÇÑ ¹æ¹ýÀ¸·Î ÇÁ·Î±×·¥À» §´ÙÀ½, /bin/sh -p ¿É¼ÇÀ» ³ÖÀ¸´Ï.. euid º¯È°¡ ¾ø½À´Ï´Ù. ¤Ð system ÇÔ¼ö°¡ ³»ºÎ¿¡¼ ÀÌ¹Ì ±ÇÈÇ϶ôÀ» ½ÃŲ´ÙÀ½, ÀÛµ¿Çϱ⠋š¹®¿¡ -p°¡ ¼Ò¿ë¾ø¾î º¸ÀÌ³×¿ä ¤Ð ÀÌ·¸°Ô ÀÛµ¿Çؼ °°Àºµ¥¿ä.. ¤Ð |
2014/02/04 | |
| kumi123 | execl ÇÔ¼ö·Î ÇÒ°æ¿ì¿¡´Â, ¹Ù·Î euid°¡ ÀâÈ÷³×¿ä ¤Ð¤Ð. Àú »óÅ¿¡¼ ¿ìȸ¹æ¹ýÀº ÀÌÁ¦ ¸·Èù°Ç°¡¿ä? |
2014/02/04 | |
| cd80 | ¾î.. Ȥ½Ã ÇÁ·Î±×·¥»ý¼ºÀÌ °¡´ÉÇÑ È¯°æÀ̸é main(){ setreuid(geteuid(), geteuid()); system("cp /bin/bash /tmp/bash"); system("chmod +s /tmp/bash"); } ÇϽŴÙÀ½¿¡ Àú ÇÁ·Î±×·¥À» system()ÀÌ ½ÇÇàÇÏ°Ô ÇÏ°í /tmp/bash -p ·Î ½ÇÇà½ÃÄѺ¸½Ã¸é µÉ°Í°°¾Æ¿ä À̰͵µ ¾ÈµÇ³ª.. |
2014/02/04 | |
| kumi123 | ¾ÈµË´Ï´Ù.. systemÇÔ¼ö ½ÇÇà Àü ±ÇȯÇ϶ô -> setreuid ±Çȯ»ó½Â ( °á±¹ µ¿ÀÏ) -> »ý¼º ( »ç¿ëÀÚ id ) °á±¹ ºÒ°¡´ÉÀ̳׿ä.. systemÇÔ¼ö ÀÌÀü¿¡ setuid() ¸¦ Àû¿ë½ÃÅ°Áö ¸øÇÏ´Â ÀÌ»óÀº, ÇÏÁö¸¸, ¸®¸ðÆ®¾îÅÃ(À¥ÇØÅ·) À̶ó¸é, °¡´ÉÇÒ °ÍÀ̶ó »ý°¢ÇÕ´Ï´Ù. |
2014/02/05 | |
| cd80 | ¾î ±×·¸³×¿ä ¤»¤» | 2014/02/05 | |
|
|