½Ã½ºÅÛ ÇØÅ·

 1576, 1/79 ȸ¿ø°¡ÀÔ  ·Î±×ÀΠ 
   duaudths
   ½©Äڵ常µé¸é¼­ ¼¼±×¸ÕÆ®ÆúÆ® Áú¹®ÀÔ´Ï´Ù.. ¤Ð¤Ð!

http://www.hackerschool.org/HS_Boards/zboard.php?AllArticle=true&no=1787 [º¹»ç]


.global main
Main:
Jmp come_here
Func:
Movl 0x0b, %eax
Popl %ebx
Movl %ebx, (%esi)
Movl %0x00, 0x4(%esi)
Leal (%esi), %ecx
Movl %0x00, %edx
Int $0x80
Movl $0x01, %eax
Movl $0x02, %ebx
Int $0x80
Come_here:
.string ¡°/bin/sh¡±
Calll func

¹®¼­µéÀ» º¸¸é¼­ ½©Äڵ带 ¸¸µé°í Àִµ¥ ¼¼±×¸ÕÆ® ÆúÆ®°¡ ¶å´Ï´Ù.. °è¼Ó ã¾Æº¸°í »ðÁúÁßÀ̳ª ÁøôÀÌ ¾ø³×¿ä ¤Ð¤Ð Á¶¾ðÁ» ºÎŹµå¸³´Ï´Ù..
  Hit : 4283     Date : 2015/05/02 11:33


    
guswns0528 ´ç¿¬È÷ ¼¼±×Æú ³¯°Å °°Àºµ¥¿ä
jmp come_hereÇÏ¸é ´ÙÀ½¿¡ ±×³É "/bin/sh"°¡ ÀÖÀݾƿä?
Call func¶û .string "/bin/sh"À§Ä¡ ¹Ù²ãº¸¼¼¿ä		 2015/05/12