catle

    [FC3] Level 5. evil_wizard → dark_stone

    [FC3] Level 5. evil_wizard → dark_stone

    dark_stone keyword : POP POP RET / Remote /* The Lord of the BOF : The Fellowship of the BOF - dark_stone - Remote BOF on Fedora Core 3 - hint : GOT overwriting again - port : TCP 8888 */ #include // magic potion for you from socket import * void pop_pop_ret(void) { asm("pop %eax"); asm("pop %eax"); asm("ret"); } int main() { char buffer[256]; char saved_sfp[4]; int length; char temp[1024]; prin..

    [FC3] Level 4. hell_fire → evil_wizard

    [FC3] Level 4. hell_fire → evil_wizard

    evil_wizard keyword : POP POP RET /* The Lord of the BOF : The Fellowship of the BOF - evil_wizard - Local BOF on Fedora Core 3 - hint : GOT overwriting */ // magic potion for you void pop_pop_ret(void) { asm("pop %eax"); asm("pop %eax"); asm("ret"); } int main(int argc, char *argv[]) { char buffer[256]; char saved_sfp[4]; int length; if(argc < 2){ printf("argv error\n"); exit(0); } // for distu..

    [FC3] Level 1. gate → iron_golem

    [FC3] Level 1. gate → iron_golem

    iron_golem keyword : Fake_SFP + Ascii /* The Lord of the BOF : The Fellowship of the BOF - iron_golem - Local BOF on Fedora Core 3 - hint : fake ebp */ int main(int argc, char *argv[]) { char buffer[256]; if(argc < 2){ printf("argv error\n"); exit(0); } strcpy(buffer, argv[1]); printf("%s\n", buffer); } f6dea000-f6df1000 rw-p f6dea000 00:00 0 f6df1000-f6df7000 r--s 00000000 fd:00 572196 /usr/lib..

    [FC3] Fedora Catle 3

    [FC3] Fedora Catle 3

    [FC3 - 총 5문제] FC1~FC3까지 동일 환경이기 때문에 FC3 환경에서부터 시작합니다. [주소] http://hackerschool.org/TheLordofBOF/VM_FC3.zip [환경 요약] Stack Dummy : O Down privileage of bash : O Random Stack : O Random Library : X Random Program Binary Mapped : X ASCII Armor : O Non-Executable Stack : O Non-Executable Heap : O Stack Carany : X Stack Smashing Protector : X [몹들] gate -> iron_golem : Fake_SFP + Ascii Armor iron_golem..