|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
 |
  953,  40/48 |
  |
 |
 |
 |
 |
rlaheehoon | ||||||
 |
|||||||
 |
http://blog.naver.com/rlaheehoon | ||||||
|
|||||||
 |
BOF °ø°ÝÀÌ kernel ¹öÁ¯¿¡ µû¶ó µÉ¶§µµ ÀÖ°í ¾ÈµÉ¶§µµ ÀÖ³ª¿ä? | ||||||
|
|||||||
|
http://www.hackerschool.org/HS_Boards/zboard.php?desc=desc&no=566 [º¹»ç]
Hit : 4071 Date : 2012/04/25 10:08
|
|||||||
 |
|||||||
|  |
| |
| cd80 | ¾ÆÁ÷ °øºÎ°¡ ¹ÌÈíÇØ ´äº¯³»¿ëÀÌ Á¤È®ÇÏÁö ¾ÊÀ» ¼ö ÀÖ½À´Ï´Ù Ä¿³Î¹öÁ¯¿¡µû¶ó ¼öÁ¤µÇ°Å³ª Ãß°¡µÈ ¸Þ¸ð¸® º¸È£ ±â¹ýµéµµ ÀÖ±¸¿ä ¿î¿µÃ¼Á¦°è¿µé¿¡ µû¶ó¼µµ º¸¾È±â¼úÀÌ °°°Ô Àû¿ëµÇÁø ¾Ê¾Ò½À´Ï´Ù ¿¹¸¦µé¾î Ä¿³Î 2.4À§¿¡ ÀÖ´Â ¿ìºÐÅõ¿Í Ä¿³Î 2.4À§¿¡ ÀÖ´Â Æäµµ¶ó»ó¿¡¼ ½ÇÇàµÇ´Â ÀÀ¿ëÇÁ·Î±×·¥µéÀ» °ø°ÝÇϴ¹æ¹ýÀÌ Á¤È®È÷ ¶È°°Áø ¾Ê½À´Ï´Ù ¹°·Ð ¿©±â¼µµ Ä¿³Î ÀÚüÀÇ Ãë¾àÁ¡À» ãÀ¸¸é ¹ü¿ëÀûÀ¸·Î °ø°Ý°¡´ÉÇÑ°ÍÀ¸·Î ¾Ë°íÀÖ±¸¿ä ÇöÀç FTZ¼¹ö´Â Ä¿³Î¿¡¼ ·£´ý½ºÅÃÆÐÄ¡¸¦ ÇÏÁö ¾ÊÀº »óÅÂÀÇ 2.4.20-8 ¹öÁ¯ÀÔ´Ï´Ù ÀÎÅͳݿ¡¼ ·¹µåÇÞ9¸¦ ¹ÞÀ¸½Ã¸é ±âº»ÀûÀ¸·Î ·£´ý½ºÅÃÀÌ Ãß°¡µÈ»óÅ·Π´Ù¿î¹ÞÀ¸½Ç ¼ö ÀÖ½À´Ï´Ù ( ftp://ftp.superuser.co.kr/linux/RedHat ) http://teamcrak.tistory.com/search/¸Þ¸ð¸®%20º¸È£%20±â¹ý http://www.hackerschool.org/Sub_Html/HS_Service/DocuTrans/View_All.html?uid=5 |
2012/04/25 | |
 ¸Û¸Û |
³×.. cd80´Ô ¸»¾¸´ë·Î bof ¹æÁö ÆÐÄ¡°¡ µÇ¾îÀÖ´Â OS ȯ°æ¿¡¼± ±âÁ¸ÀÇ °ø°Ý¹æ¹ýÀÌ Àû¿ëµÇÁö ¾Ê½À´Ï´Ù. º¸¿©ÁֽŠ¿À·ù´Â SSP(Stack Smash Protection) ÆÐÄ¡·Î ÀÎÇÑ °ÍÀ¸·Î º¸ÀÌ³×¿ä ±Ùµ¥ ÀÌ°Ç ¾Æ¸¶ GCC ·¹º§¿¡¼ÀÇ ÆÐÄ¡ÀÏ °Ì´Ï´Ù. µû¶ó¼ ³·Àº ¹öÁ¯ÀÇ GCC¿¡¼ ´ë»ó ÆÄÀÏÀ» ÄÄÆÄÀÏ ÇÑ ÈÄ ´Ù½Ã Çѹø Çغ¸¼¼¿ä. ¹Ý¸é ASLRÀ̳ª DEP´Â Ä¿³Î ·¹º§¿¡¼ÀÇ ÆÐÄ¡À̸ç, ´ÙÀ½ÀÇ ¸í·Éµé·Î ÀÓÀÇ disable ½Ãų ¼ö ÀÖ½À´Ï´Ù. echo 0 > /proc/sys/kernel/exec-shield echo 0 > /proc/sys/kernel/exec-shield-randomize sysctl -w kernel.randomize_va_space=0 |
2012/04/25 | |
|
|
