97, 2/5 ȸ¿ø°¡ÀÔ  ·Î±×ÀΠ 
   healer
   Á¦¸ñ_¾øÀ½.png (0 Byte), Download : 16     [¿À¸¥ÂÊ ¹öÆ° ´­·¯ ´Ù¿î ¹Þ±â]
   ¸®¹ö½Ì __security_cookie

http://www.hackerschool.org/HS_Boards/zboard.php?id=QNA_Reversing&no=111 [º¹»ç]



00EA16BE ºÎÅÍ 00EA16CB ±îÁö ³ë¶û»ö ¹Ú½º¿¡¼­
ÀÌÀ¯°¡ ±Ã±ÝÇÕ´Ï´Ù.

1. EAX¿¡´Ù°¡ __security_cookieÀÌ°É ³Ö´Â ÀÌÀ¯
2. ±×¸®°í XOR EAX, EBP¸¦ XORÇÏ´Â ÀÌÀ¯
3. MOV EBP-4, EAX  ¿Ö EBP-4¿¡´Ù°¡ EAX¸¦ ³Ö´Â ÀÌÀ¯
4. LEA EAX, EBP-14ÀÇ ÁÖ¼Ò¸¦ ³Ö´Â ÀÌÀ¯
5. EAX¸¦ ³Ö´Â ÀÌÀ¯
  Hit : 3592     Date : 2017/07/17 12:27


    
healer 00EA16A0 > 55 PUSH EBP ; IsPasswordOK()
00EA16A1 8BEC MOV EBP,ESP
00EA16A3 81EC DC000000 SUB ESP,0DC
00EA16A9 53 PUSH EBX
00EA16AA 56 PUSH ESI
00EA16AB 57 PUSH EDI
00EA16AC 8DBD 24FFFFFF LEA EDI,DWORD PTR SS:[EBP-DC]
00EA16B2 B9 37000000 MOV ECX,37
00EA16B7 B8 CCCCCCCC MOV EAX,CCCCCCCC
00EA16BC F3:AB REP STOS DWORD PTR ES:[EDI]
00EA16BE A1 0490EA00 MOV EAX,DWORD PTR DS:[__security_cookie]
00EA16C3 33C5 XOR EAX,EBP
00EA16C5 8945 FC MOV DWORD PTR SS:[EBP-4],EAX
00EA16C8 8D45 EC LEA EAX,DWORD PTR SS:[EBP-14]
00EA16CB 50 PUSH EAX

»çÁøÀÌ ¾È¿Ã¶ó°¡³×¿ä óÀ½À̶ó¼­...		 2017/07/17  
pwnnnt bof ¹æÁö°°³×¿ä. 2017/07/18  
sTRAYdOG 1. EAX¿¡´Ù°¡ __security_cookieÀÌ°É ³Ö´Â ÀÌÀ¯
2¹ø XOR ¿¬»êÀ» À§Çؼ­.
2. ±×¸®°í XOR EAX, EBP¸¦ XORÇÏ´Â ÀÌÀ¯
¾Ë¼ö¾øÁÒ. ¿¬»ê°á°ú EAX¸¦ ³ªÁß¿¡ »ç¿ëÇÏ°ÚÁÒ.
3. MOV EBP-4, EAX ¿Ö EBP-4¿¡´Ù°¡ EAX¸¦ ³Ö´Â ÀÌÀ¯
[EBP-4]´Â Áö¿ªº¯¼öÁÒ. ¿©±â´Ù ÀúÀåÇϳªº¸ÁÒ. ³ªÁß¿¡ ÇÔ¼ö¸¦ ³ª°¡¸é ÀÌ°Ô ¹ÝȯµÉÁöµµ.
4. LEA EAX, EBP-14ÀÇ ÁÖ¼Ò¸¦ ³Ö´Â ÀÌÀ¯
[EBP-14]¿¡ ¸ð°¡ ÀÖ´ÂÁö ¼Ò½º¸¸À¸·Î ¾Ë ¼ö ¾ø¾î¿ä
5. EAX¸¦ ³Ö´Â ÀÌÀ¯
½ºÅÿ¡ ³Ö´Â°ÍÀε¥ ³ªÁß¿¡ ²¨³¾¶ó´Â °ÍÀÌÁÒ.

Á¦°¡º¸±â¿£ Äڵ常º¸¸é 3¹ø XoR¿¬»êÀÌ ÇÔ¼öÀÇ ÁÖ¸ñÀûÀ̶ó°í º¸ÀÔ´Ï´Ù.		 2017/07/30  
77   ¸®¹ö½º ¿£Áö´Ï¾î¸µÀÌ ¹¹¿¡¿ä?[3]     qkreoghks00
 01/23 3962
76   ¸®¹ö½º ¿£Áö´Ï¾î¸µ ¹ÙÀ̺íÀ» Àдٰ¡ ±Ã±ÝÇÑ Á¡ÀÌ »ý°å´Âµ¥¿ä¤Ð![1]     tjswn7051
 10/14 3462
75   ¸®¹ö½º ¿£Áö´Ï¾î¸µ °øºÎÇÏ·Á¸é[1]     °¨¿°¿À¸®
 08/14 4155
74   ¸®¹ö½Ì¿¡ Á» ¹°¾îº¾´Ï´Ù[1]     ±×ÀúÁú¹®
 01/19 4207
73   ¸®¹ö½ÌÇÏ´Ù°¡ JGE °ü·Ã Áú¹®     Z2ong2
 10/09 2833
72   ¸®¹ö½ÌÀÇ·ÚÇÏ·ÁÇÕ´Ï´Ù[1]     eastgm
 01/31 3564
71   ¸®¹ö½Ì-µð½º¾î¼Àºí¸®-µð¹ö°Å¿¡ ¹®ÀÇÁ»..     leonardo6
 10/13 2527
70   ¸®¹ö½Ì,Å©·¢ ÀÇ·ÚÇÕ´Ï´Ù[2]     inx123
 11/27 4261
69   ¸®¹ö½Ì, Å©·¢¹Ì ±îºÃ´õ´Ï¡¦ Ãæ°Ý[1]     creeper
 12/01 4113
68   ¸®¹ö½Ì(¾î¼Àºí¸®¾î) ±âÃÊ Áú¹®Á» µå¸®°Ú½À´Ï´Ù[2]     skyclad1975
 12/10 3260
67   ¸®¹ö½Ì ¿£Áö´Ï¾î¸µ °øºÎ??[3]     GaOnNuRI
 04/30 4129
66   ¸®¹ö½Ì ¹®Á¦ Ǫ´Â Áß¿¡ ±Ã±ÝÇÑ Á¡ÀÌ ÀÖ½À´Ï´Ù.[5]     ansuz0710
 08/10 3235
65   ¸®¹ö½Ì °øºÎ µµÁß...[1]     whitetie
 06/05 3113
64   ¸®¹ö½Ì °ü·ÃÇؼ­ ¼±¹è´Ôµé¿¡°Ô Áú¹®µå¸®°í ½ÍÀº°ÔÀִµ¥¿ä.     rptprl123
 10/12 2999
  ¸®¹ö½Ì __security_cookie[3]     healer
 07/17 3591
62   ¸®¹ö½Ì Çٽɿø¸®¸¦ °øºÎÇÏ´Ù°¡ ¸·Çû½À´Ï´Ù.     aaasss445
 06/12 2118
61   ¸®¹ö½Ì ÇÏ·Á¸é À©µµ¿ì ÇÁ·Î±×·¡¹Öµµ ¹è¿ö¾ß Çϳª¿ä?[2]     cji2
 05/20 4090
60   ¸®¹ö½Ì ÀÔ¹®ÇÏ°í ½Í¾î¼­ Áú¹®µå¸³´Ï´Ù.[2]     shdac
 09/27 3986
59   ¸®¹ö½Ì ÀÔ¹®ÀÚÀÔ´Ï´Ù     shdac
 10/12 2747
58   ¸®¹ö½Ì Ãʺ¸ÀÔ´Ï´Ù. IDA¿¡ ´ëÇÑ Áú¹®ÀÖ½À´Ï´Ù.[3]     shdac
 10/29 3778
[1] 2 [3][4][5]

Copyright 1999-2024 Zeroboard / skin by Hackerschool.org / Secure Patch by Hackerschool.org