'War game' 카테고리의 글 목록 (3 Page)

/* The Lord of the BOF : The Fellowship of the BOF - cruel - Local BOF on Fedora Core 4 - hint : no more fake ebp, RET sleding on random library*/ #include #include #include int main(int argc, char *argv[]){ char buffer[256]; if(argc < 2){ printf("argv error\n"); exit(0); } strcpy(buffer, argv[1]); printf("%s\n", buffer);} 주어진 힌트대로 풀자면 random library 주소가 ebp+8이 될때까지 ret sleding으로 esp를 내리고 execl을..

War game/해커 스쿨 FC4 2015. 8. 25. 19:17

[ Fedora Core 3 ] dark_stone -> Clear !!

#include // magic potion for youvoid pop_pop_ret(void){ asm("pop %eax"); asm("pop %eax"); asm("ret");} int main(){ char buffer[256]; char saved_sfp[4]; int length; char temp[1024]; printf("dark_stone : how fresh meat you are!\n"); printf("you : "); fflush(stdout); // give me a food fgets(temp, 1024, stdin); // for disturbance RET sleding length = strlen(temp); // save sfp memcpy(saved_sfp, buffe..

War game/해커 스쿨 FC3 2015. 8. 23. 22:57

[ Fedora Core 3] hell_fire -> evil_wizard

/* The Lord of the BOF : The Fellowship of the BOF - evil_wizard - Local BOF on Fedora Core 3 - hint : GOT overwriting*/ // magic potion for youvoid pop_pop_ret(void){ asm("pop %eax"); asm("pop %eax"); asm("ret");} int main(int argc, char *argv[]){ char buffer[256]; char saved_sfp[4]; int length; if(argc < 2){ printf("argv error\n"); exit(0); } // for disturbance RET sleding length = strlen(argv..

War game/해커 스쿨 FC3 2015. 8. 23. 21:18

Prev 1 2 3 4 5 6 Next

목록War game (54)

둘둘리둘둘리둘둘리둘둘리둘둘리둘

티스토리툴바