·¹º§ ÇØÅ·

 2844, 7/143 ȸ¿ø°¡ÀÔ  ·Î±×ÀΠ 
   ¿ìÀ×22
   lob fc3 fgets·Î ÀԷ¹޴ ¿À¹öÇ÷οì°ü·Ã Áú¹®ÀÖ½À´Ï´Ù.

http://www.hackerschool.org/HS_Boards/zboard.php?id=QNA_level&no=3200 [º¹»ç]


lob fedora core3  hell_fire ¹®Á¦ Ç®°íÀÖ½À´Ï´Ù

fgets·Î ÀԷ¹޾Ƽ­ ¿À¹öÇÃ·Î¿ì ½ÃÅ°´Âµ¥
gdb·Î È®ÀÎÇغ¸·Á°í Çϴµ¥

fgetsÀÌ¸é ½ÇÇàµÈ ÈÄ¿¡ ÀÔ·ÂÀ» ¹ÞÀ¸´Ï
r `perl -e 'print "~~~"`  ÀÌ·±½ÄÀ¸·Î ¸øÇÏÀݾƿä

r À¸·Î ½ÇÇàÇÑ ÈÄ¿¡
´Ù½Ã ÀԷ°ªÀ» ½á ³Ö¾î¾ß Çϴµ¥
±×ºÎºÐ¿¡ 16Áø¼ö °ªÀ» (\x20) ÀÌ·±½ÄÀ¸·Î ³ÖÀ¸¸é ¾Èµé¾î°¡Àݾƿä
python À̳ª perl ½ºÅ©¸³Æ®¸¦ »ç¿ëÇÒ ¼öµµ ¾ø°í print¸¦ »ç¿ë ÇÒ ¼öµµ ¾ø°í
¾î¶»°Ô ÇØ¾ß Çϳª¿ä ?


Ãß°¡·Î dark_eyes·Î ·Î±×ÀÎÇؼ­ hell_fireǪ´Âµ¥ Ǫ½ÅºÐ ÈùÆ®Á» Áּſä ~
  Hit : 4258     Date : 2011/04/14 07:54


    
CodeAche 1. ¼Ò½ºÄڵ忡 sleep(300) Äڵ带 Ãß°¡Çؼ­ ½©¿¡¼­ ÆäÀ̷ε屸¼º&½ÇÇà ÈÄ
gdb - attach PID

2. $ perl -e 'print "a"x100,"\x20\x4a\xb8\x4a" > payload
gdb> r < ./payload		 2011/04/14  
Prox ÆÄÀÌÇÁ°¡ ¹ºÁö ±¸±Û¸µÇغ¸½Ã´Â°Íµµ µµ¿òÀ̵ǽǵí~ 2011/04/15  
h2spice CodeAche ´Ô
2. $ perl -e 'print "a"x100,"\x20\x4a\xb8\x4a" > payload
gdb> r < ./payload

¿©±â¼­ ' ºÎºÐ ºüÁø°Ç°¡¿ä ¾Æ´Ï¸é ¿ø·¡ ±×·¸°ÔÇؾßÇϳª¿ä??		 2012/05/20  
2724   LOB FC4 ŸÀÌź ¤Ð¤Ð [3]     ¿ìÀ×22
 07/17 3318
2723   webhacking.kr 21¹ø ¹®Á¦[1]     jaewonm
 07/11 5836
2722   [lord of bof FC4] titan Áú¹®ÀÖ½À´Ï´Ù!!!!!! Á¦¹ß[3]     ¿ìÀ×22
 07/04 3479
2721   level11->level12 ¿¡¼­ ¸·Èü´Ï´Ù. ÇÏ·çÁ¾ÀÏ À̰Ÿ¸ º¸³×¿ä.....[6]     ozdang
 07/01 2331
2720   [LOB] LEVEL16 - FAKE EBP ¹®Á¦ Áú¹®.[3]     incaro
 06/11 2922
2719   Level 1¿¡¼­ level2 ±ÇÇÑ¿¡ ´ëÇÑ Áú¹®[3]     yootaeil
 06/09 2917
2718   lob fc4 Enimga ³Ê¹« ¾î·Á¿ö¿ä ~!!!     ¿ìÀ×22
 06/02 3101
2717   LOB Áú¹®]] ¿Ö! 16ByteÀÌ¿©¾ß Çϴ°¡.[7]     incaro
 06/01 3078
2716   webhacking.kr ¼Ò½ºº¸°í³ª¼­[1]     Ǭ¼ö¿ÕÀÚ
 06/01 2507
2715   LOB Áú¹® µå·Á¿ä. (BASH2)[1]     incaro
 05/23 3624
2714   LOB FC4°¡ ¶ÇÀÖ³ª¿ä?     chofly
 05/22 2558
2713   LOB FC4 enigma ÈùÆ® Á» ÁÖ¼¼¿ä     ¿ìÀ×22
 05/17 3965
2712   [¹®Á¦ Level11]¾î¶²½©ÄÚµå´ÂµÇ°í ¾î¶²°Ç ¾ÈµÇ°í... ÇÞ°¥¸®³×¿ä..[2]     incaro
 05/16 3089
2711   µµ´ëü... Level11Àº level10°ú ¿ÖÀÌ·¸°Ô Áö½ÄÂ÷ÀÌ°¡ ³ª´Â°ÅÁÒ;[1]     darkofgy
 05/15 2556
2710   LOB ½ÃÀÛÇߴµ¥¿ä ...[4]     w7040
 05/08 2420
2709   Level8 ±×³É Çѹø °í¹ÎÇß´ø°É ¾ê±âÇغ¾´Ï´Ù     ÀÌÇö¹è
 04/29 2299
2708   ·¹º§ 5->·¹º§6 °úÁ¤¿¡¼­ suid°¡ ÇØÁ¦µÇ¾îÀÖ½À´Ï´Ù..[4]     traciare
 04/28 2310
2707   FC3¿¡¼­ GOT¿À¹ö¶óÀÌÆà Áú¹®ÀÖ½À´Ï´Ù..,[2]     ¿ìÀ×22
 04/25 3761
  lob fc3 fgets·Î ÀԷ¹޴ ¿À¹öÇ÷οì°ü·Ã Áú¹®ÀÖ½À´Ï´Ù.[3]     ¿ìÀ×22
 04/14 4257
2705   ftz ¸¦ ÇÏ´Ù°¡ ¸®´ª½º¸¦ ±ò¾Æ¤²¤È¤µ´Âµ¥ [3]     yangseungjin
 04/11 2573
[1][2][3][4][5][6] 7 [8][9][10]..[143]

Copyright 1999-2024 Zeroboard / skin by Hackerschool.org / Secure Patch by Hackerschool.org