|
|
|
|
|
|
|
|
|
|
|
|
|
3923, 2/197 |
|
ewqqw | |||||||
setuid¸¦ ÀÌ¿ëÇÑ ±ÇÇÑ »ó½Â | |||||||
http://www.hackerschool.org/HS_Boards/zboard.php?id=QNA_linux&no=4453 [º¹»ç]
Hit : 2334 Date : 2017/03/29 02:14
|
|||||||
ÇØÄð·¯ | fgetsÀÇ ¼¼¹ø°ÀÎÀÚ°¡ fpÀε¥ fp¿¡ stdinÀÌ ¾Æ´Ï¶ó fopen("flag")°¡ µé¾î°¬ÁÒ Ç÷¡±×ÆÄÀÏÀ» ¸¸µé°í Å°¸¦ ¾²°í Áö¿ì±â¸¦ ¹Ýº¹Çϴ°̴ϴ٠Ç÷¡±×°¡ /home/rc/flag¿¡ ¿øº»ÀÌ ÀÖ°í ÀÌ°É °è¼Ó /tmp/RC¿¡ ¾²°í »èÁ¦ÇÏ°í ¾²°í »èÁ¦ÇÏ°í Çϴ°ÅÁÒ ÀüÇüÀûÀÎ ·¹À̽ºÄÁµð¼Ç ¹®Á¦Àε¥ while [ 1 ] ; do ./rc; done À» ÇسõÀ¸½Ã°í Çϳª¿¡¼´Â while [ 1 ] ; do cat /tmp/RC; done À» ÇسõÀ¸½Ã¸é µÎ¹ø° Å͹̳ο¡¼ Ç÷¡±×°¡ ³ª¿É´Ï´Ù |
2017/03/29 | |
ewqqw | µÎ ¸í·É¹®ÀÇ Â÷À̸¦ ÆÄ°íµé¾î¼ setuid¸¦ ¾ò´Â °ÍÀ̱º¿ä.... °¨»çÇÕ´Ï´Ù | 2017/03/29 | |
|
|