½Ã½ºÅÛ ÇØÅ·

 1574, 3/79 ȸ¿ø°¡ÀÔ  ·Î±×ÀΠ 
   turttle2s
   shell code ÀÛ¼º

http://www.hackerschool.org/HS_Boards/zboard.php?id=QNA_system&no=1953 [º¹»ç]


dalgona ¹®¼­ º¸¸é¼­ shellcode ¸¸µé±â ¿¬½ÀÇÏ°í ÀÖ½À´Ï´Ù.
NULL Á¦°Å¸¦ À§ÇØ ´Ù½Ã ½©Äڵ带 Â¥´Â ºÎºÐ¿¡¼­ ÀÌÇØ°¡ ¾È°¡¼­ Áú¹®µå¸³´Ï´Ù.

xor %eax, %eax       < 0 ´ë½Å eax»ç¿ëÇϱâ À§ÇØ
push %eax              < NULL
push $0x68732f2f    < //sh
push $0x6e69622f    < /bin
mov %esp, %ebx      < /bin//sh ÀÇ Æ÷ÀÎÅÍ
push %eax               < NULL
push %ebx               < /bin//sh ÀÇ Æ÷ÀÎÅÍ
mov %esp, %ecx       < /bin//sh ÀÇ Æ÷ÀÎÅÍÀÇ Æ÷ÀÎÅÍ
-----------------------------------
mov %eax, %edx       < ????
-----------------------------------
mov $0xb, %al          < system call 11 À» Çϱâ À§ÇØ
int $0x80                 < ÀÎÅÍ·´Æ® ( execve ½ÇÇà )

???? ºÎºÐ¿¡´Â Á¦°¡ ¾Ë±â·Ð  execveÀÇ ÀÎÀÚµéÀ» push ÇؾߵǼ­
push %eax   <  NULL
push %ecx   <  /bin//sh ÀÇ Æ÷ÀÎÅÍÀÇ Æ÷ÀÎÅÍ
push %ebx   <  /bin//sh ÀÇ Æ÷ÀÎÅÍ
¸¦ ÇØ¾ß Çϴµ¥ À̰͵éÀ» ½ï »©³õ°í
mov %eax, %edx
¸¸ µé¾î À־ ´çȲ½º·´³×¿ä.

¿Ö ÀÎÀÚ¸¦ push ÇÏ´Â °úÁ¤ÀÌ ºüÁ³À¸¸ç edx¿¡ 0À» ³Ö´Â ÀÌÀ¯´Â ¹ºÁö ±Ã±ÝÇÕ´Ï´Ù.
  Hit : 1786     Date : 2018/12/22 11:34


    
±ºÀÎ ÀÎÅÍ·´Æ®¸¦ ÅëÇÑ ½Ã½ºÅÛ ÄݷΠȣÃâÇϱ⠶§¹®¿¡ ½ºÅÃÀ¸·Î ÀÎÀÚ Àü´ÞÀ» ÇÏ´Â°Ô ¾Æ´Ñ, ·¹Áö½ºÅÍ·Î ÀÎÀÚ¸¦ Àü´ÞÇÏ°Ô µÈ °Ì´Ï´Ù. 2019/01/06  
turttle2s À­ºÎºÐ¿¡¼­ edx´Â »ç¿ëÇÏÁö ¾Ê¾Ò´Âµ¥ ¾î¶»°Ô ÀÎÀÚµéÀÇ Á¤º¸°¡ µé¾î°¡³ª¿ä? 2019/01/11  
turttle2s ¾Æ... ÀÌÁ¦º¸´Ï±î Àú ¸í·ÉÀ» intel ¹®¹ýÀ¸·Î ºÃ³×¿ä.. 2019/11/17  
  shell code ÀÛ¼º[3]     turttle2s
 12/22 1785
1533   ½Ã½ºÅÛ ÇØÅ· Æ÷Æ®Æ÷¿öµù Áú¹®[5]     qwaszx587
 12/20 2037
1532   '½Ã½ºÅÛ ÇØÅ·' À̶ó´Â ¿ë¾î¿¡ ´ëÇؼ­[2]     choboKing
 12/15 2048
1531   pwnable.kr bof ¹®Á¦!!![2]     hackxx123
 12/12 2503
1530   ÅøÅ°µð °ü·Ã Áú¹Ã[2]     qwaszx587
 12/03 2037
1529   ½Ã½ºÅÛ ÇØÅ· : ¸®´ª½º ±âÃÊÆí(¾ÆÀÌÇǺ¸´Â¹ý)[1]     rjsdn1578
 11/03 3340
1528   FTZ level4 Áú¹®[8]     turttle2s
 11/02 1892
1527   RTLÁú¹®![1]     Sp4wn
 10/20 2110
1526   LOB ¼¼±×¸ÕÆ® µðÆúÆ® ¿À·ù.. Á» ¾Ë·ÁÁÖ¼¼¿ä ¤Ð[2]     qustkdrn
 10/06 1673
1525   argv[2]ÀÇ ÁÖ¼Ò¸¦ ¾Ë°í ½Í½À´Ï´Ù.[2]     ka0r1
 09/23 2335
1524   LOB °íºí¸° Ŭ¸®¾î Çß½À´Ï´Ù¸¸ ±Ã±ÝÇÑ°Ô Àֳ׿ä.[3]     ka0r1
 09/23 1909
1523   F.T.Z 14´Ü°è[4]     ka0r1
 09/21 1960
1522   L.O.B goblin[1]     ka0r1
 09/16 1937
1521   Æ÷¸Ë½ºÆ®¸µ Ãë¾àÁ¡ Áú¹®[1]     bufferover
 09/14 2793
1520   ftz level11¹ø ¹®Á¦¿¡ ´ëÇÑ Áú¹®ÀÌ ÀÖ½À´Ï´Ù.[3]     in_reason
 09/10 1875
1519   ftz level4 ÆÄÀÏÀÌ ¾È¸¸µé¾îÁý´Ï´Ù..[1]     m914
 08/20 1779
1518   ftz level5 ¸µÅ©¿À·ù?     don1004
 08/09 1846
1517   ¼¾Å佺¿¡¼­ ¸Æ ¿ø°ÝÁ¢¼Ó     ig0102
 07/21 1996
1516   FTZ level4¹ø ¹®Á¦ ±Ã±ÝÇÑ Á¡ÀÌ ÀÖ¾î Áú¹® µå¸³´Ï´Ù.     in_reason
 07/18 1742
1515   ftz ¸ÆÀ¸·Î ssh Á¢¼Ó [1]     bunggl
 06/30 2362
[1][2] 3 [4][5][6][7][8][9][10]..[79]

Copyright 1999-2024 Zeroboard / skin by Hackerschool.org / Secure Patch by Hackerschool.org