Wargame/LOB_FC7 [LOB_FC4] cruel -> enigma enigma.c의 소스는 아래와 같다. /* The Lord of the BOF : The Fellowship of the BOF - enigma - Remote BOF on Fedora Core 4 - hint : ? - port : TCP 7777 */ #include #include #include #include int vuln(int canary,char *ptr) { char buffer[256]; int *ret; // stack overflow!! strcpy(buffer,ptr); // overflow protected if(canary != 0x31337) { printf("who broke my canary?!"); exit(1); } // preventing RTL ret = &ca.. 2012. 8. 24. [LOB_FC4] dark_stone -> cruel cruel.c의 소스는 아래와 같다. /* The Lord of the BOF : The Fellowship of the BOF - cruel - Local BOF on Fedora Core 4 - hint : no more fake ebp, RET sleding on random library */ #include #include #include int main(int argc, char *argv[]) { char buffer[256]; if(argc < 2){ printf("argv error\n"); exit(0); } strcpy(buffer, argv[1]); printf("%s\n", buffer); } Fedoa Core4 환경에서의 간단한 stack overflow이다. FC3에서 달라진.. 2012. 8. 20. [LOB_FC3] evil_wizard->dark_stone dark_stone.c의 소스는 아래와 같다. /* The Lord of the BOF : The Fellowship of the BOF - dark_stone - Remote BOF on Fedora Core 3 - hint : GOT overwriting again - port : TCP 8888 */ #include // magic potion for you void pop_pop_ret(void) { asm("pop %eax"); asm("pop %eax"); asm("ret"); } int main() { char buffer[256]; char saved_sfp[4]; int length; char temp[1024]; printf("dark_stone : how fresh meat you a.. 2012. 8. 18. 이전 1 2 다음