|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
 |
  97,  1/5 |
  |
 |
 |
 |
 |
healer | ||||||
 |
|||||||
 |
Á¦¸ñ_¾øÀ½.png (0 Byte), Download : 16 [¿À¸¥ÂÊ ¹öÆ° ´·¯ ´Ù¿î ¹Þ±â] | ||||||
|
|||||||
 |
¸®¹ö½Ì __security_cookie | ||||||
|
|||||||
|
http://www.hackerschool.org/HS_Boards/zboard.php?id=QNA_Reversing&no=111 [º¹»ç] 
Hit : 3282 Date : 2017/07/17 12:27
|
|||||||
 |
|||||||
|  |
| |
| healer | 00EA16A0 > 55 PUSH EBP ; IsPasswordOK() 00EA16A1 8BEC MOV EBP,ESP 00EA16A3 81EC DC000000 SUB ESP,0DC 00EA16A9 53 PUSH EBX 00EA16AA 56 PUSH ESI 00EA16AB 57 PUSH EDI 00EA16AC 8DBD 24FFFFFF LEA EDI,DWORD PTR SS:[EBP-DC] 00EA16B2 B9 37000000 MOV ECX,37 00EA16B7 B8 CCCCCCCC MOV EAX,CCCCCCCC 00EA16BC F3:AB REP STOS DWORD PTR ES:[EDI] 00EA16BE A1 0490EA00 MOV EAX,DWORD PTR DS:[__security_cookie] 00EA16C3 33C5 XOR EAX,EBP 00EA16C5 8945 FC MOV DWORD PTR SS:[EBP-4],EAX 00EA16C8 8D45 EC LEA EAX,DWORD PTR SS:[EBP-14] 00EA16CB 50 PUSH EAX »çÁøÀÌ ¾È¿Ã¶ó°¡³×¿ä óÀ½À̶ó¼... |
2017/07/17 | |
| pwnnnt | bof ¹æÁö°°³×¿ä. | 2017/07/18 | |
| sTRAYdOG | 1. EAX¿¡´Ù°¡ __security_cookieÀÌ°É ³Ö´Â ÀÌÀ¯ 2¹ø XOR ¿¬»êÀ» À§Çؼ. 2. ±×¸®°í XOR EAX, EBP¸¦ XORÇÏ´Â ÀÌÀ¯ ¾Ë¼ö¾øÁÒ. ¿¬»ê°á°ú EAX¸¦ ³ªÁß¿¡ »ç¿ëÇÏ°ÚÁÒ. 3. MOV EBP-4, EAX ¿Ö EBP-4¿¡´Ù°¡ EAX¸¦ ³Ö´Â ÀÌÀ¯ [EBP-4]´Â Áö¿ªº¯¼öÁÒ. ¿©±â´Ù ÀúÀåÇϳªº¸ÁÒ. ³ªÁß¿¡ ÇÔ¼ö¸¦ ³ª°¡¸é ÀÌ°Ô ¹ÝȯµÉÁöµµ. 4. LEA EAX, EBP-14ÀÇ ÁÖ¼Ò¸¦ ³Ö´Â ÀÌÀ¯ [EBP-14]¿¡ ¸ð°¡ ÀÖ´ÂÁö ¼Ò½º¸¸À¸·Î ¾Ë ¼ö ¾ø¾î¿ä 5. EAX¸¦ ³Ö´Â ÀÌÀ¯ ½ºÅÿ¡ ³Ö´Â°ÍÀε¥ ³ªÁß¿¡ ²¨³¾¶ó´Â °ÍÀÌÁÒ. Á¦°¡º¸±â¿£ Äڵ常º¸¸é 3¹ø XoR¿¬»êÀÌ ÇÔ¼öÀÇ ÁÖ¸ñÀûÀ̶ó°í º¸ÀÔ´Ï´Ù. |
2017/07/30 | |
|
|
