http://www.hackerschool.org/HS_Boards/zboard.php?id=QNA_level&no=1499 [º¹»ç]
ÀÌ·± c ¼Ò½º¸¦ ¾î¼ÀÀ¸·Î ÄÄÆÄÀÏÇؼ ¾òÀº ÄÚµå·Î
main()
{
char * name[2] ;
name[0] = "/bin/sh";
name[1] = NULL ;
execve(name[0] , name, NULL) ;
}
°Á¿¡º¸¸é ¾Æ·¡¿Í ºñ½ÁÇÑ ¾î¼À ÄÚµå·Î ´Ù½Ã ÄÚµùÇÏ´øµ¥..
±×³É gdb °°Àº°É·Î ¿ª¾î¼ÀÇÑ Äڵ带 main: ºÎºÐ¿¡´Ù°¡ ±×´ë·Î
°¡Á®´Ù ºÙÀÌ¸é ¾ÈµÇ³ª¿ä?..
±×°Ô ¾Æ´Ï¶ó¸é,
Ç×»ó ½©Äڵ带 Á¦ÀÛÇÒ¶§ ¾Æ·¡¿Í °°Àº ¾î¼ÀÄڵ带
À¯Ã߸¦ ÇØ°¡¸é¼ ¼Õ¼ö Á¦ÀÛÇØ¾ß Çϴ°ǰ¡¿ä?..
¾î¼ÀÀ» ¸ð¸£¸é ¸¸µéÁÙ ¸ð¸£ÀÝ¾Æ¿ä ¤Ð¤Ð¤Ð¤Ð...
´äº¯ºÎŹµå¸³´Ï´Ù.
´Ùµé ½©ÄÚµå ¸¸µå½Ç¶§ cÇÁ·Î±×·¥À» gdb·Î ¿ª¾î¼ÀÇÑ°É Åä´ë·Î
´Ù½Ã ¼Õ¼ö ¾î¼À¼Ò½º¸¦ ÀÛ¼ºÇϳª¿ä?..
À̹ø¿¡ Á» È®°íÈ÷ ÀÌÇØÇÏ°í ½Ê½À´Ï´Ù^^
´Ù¸¥ °³³äµéÀº ¸¹Àº ¹®¼¸¦ ÀоîºÁ¼ °ÅÀÇ´Ù ¾Ë°Å°°Àºµ¥
ÀÌÁ¦ ½©Äڵ带 ¼Õ¼ö ÀÛ¼ºÇغ¸°í ½Í°Åµç¿ä.. (±×µ¿¾È¿¡´Â ³²À̸¸µç°Í
º¹»ç¸¸ Çؼ ÄÄÆÄÀÏÇÏ°í °øºÎÇغôµ¥...)
ÀÌÁ¦ ¼Õ¼ö¸¸µé¾îº¸°í ½Í½À´Ï´Ù. Á» ÀÚ¼¼È÷Á» ´ä±Û´Þ¾ÆÁֽøé
ÀºÇý ÀØÁö ¾Ê°Ú½À´Ï´Ù^^..
ÀÌÁ¦¸· ÇØÅ·¿¡ Àç¹Ì°¡ µé·Á¼¿ä^^;;...
¸Þ¸ð¸®¸¦ º¯°æÇÏ°í µîµî... ³Ê¹« ÀëÀÖ³×¿ä ¤»¤»
.global main
main :
jmp strings
start: popl %esi
movb $0x00, 0x7(%esi)
movl %esi , 0x8(%esi)
movl $0x00, 0xc(%esi)
movl $0x0b, %eax
movl %esi, %ebx
leal 0x8(%esi), %ecx
movl 0xc(%esi), %edx
int $0x80
movl $0x01, %eax
movl $0x00, %ebx
int $0x80
strings: call start
.string "/bin/sh"
|
Hit : 1631 Date : 2005/01/14 01:32
|