목록LoB (11)
Phantom
/* The Lord of the BOF : The Fellowship of the BOF - assassin - no stack, no RTL*/ #include #include main(int argc, char *argv[]){ char buffer[40]; if(argc
/* The Lord of the BOF : The Fellowship of the BOF - giant - RTL2*/ #include #include #include main(int argc, char *argv[]){ char buffer[40]; FILE *fp; char *lib_addr, *execve_offset, *execve_addr; char *ret; if(argc
/* The Lord of the BOF : The Fellowship of the BOF - bugbear - RTL1*/ #include #include main(int argc, char *argv[]){ char buffer[40]; int i; if(argc
/* The Lord of the BOF : The Fellowship of the BOF - darkknight - FPO*/ #include #include void problem_child(char *src){ char buffer[40]; strncpy(buffer, src, 41); printf("%s\n", buffer);} main(int argc, char *argv[]){ if(argc
문제 소스 보기 /* The Lord of the BOF : The Fellowship of the BOF - golem - stack destroyer*/ #include #include extern char **environ; main(int argc, char *argv[]){ char buffer[40]; int i; if(argc
문제 소스 보기 /* The Lord of the BOF : The Fellowship of the BOF - vampire - check 0xbfff*/ #include #include main(int argc, char *argv[]){ char buffer[40]; if(argc
문제 소스 보기 /* The Lord of the BOF : The Fellowship of the BOF - troll - check argc + argv hunter*/ #include #include extern char **environ; main(int argc, char *argv[]){ char buffer[40]; int i; // here is changed if(argc != 2){ printf("argc must be two!\n"); exit(0); } // egghunter for(i=0..
문제 소스 보기 /* The Lord of the BOF : The Fellowship of the BOF - orge - check argv[0]*/ #include #include extern char **environ; main(int argc, char *argv[]){ char buffer[40]; int i; if(argc 48){ printf("argument is too long!\n"); exit(0); } strcpy(buffer, argv[1]); printf("%s\n", buff..
문제 소스 보기 Wolfman.c /* The Lord of the BOF : The Fellowship of the BOF - wolfman - egghunter + buffer hunter*/ #include #include extern char **environ; main(int argc, char *argv[]){ char buffer[40]; int i; if(argc
문제 소스 보기 goblin.c

int main(){ char buffer[16]; gets(buffer); printf("%s\n", buffer); }

이번 문제는 전 단계의 문제와 비슷하나, 입력을 argv[1]로 받는 것이 아니라 gets로 받는다. 버퍼는 전 단계와 같이 16이다. gets는 입력 길이를 검사하지 않으므로 16바이트를 넘는 입력은 그대로 buffer 밖의 스택에 쓰인다(실제 코드라면 fgets(buffer, sizeof buffer, stdin)처럼 버퍼 크기를 받는 함수를 써야 한다). gdb로 goblin을 분석해보자

[cobolt@localhost cobolt]$ gdb -q g0blin
(gdb) set disassembly-flavor intel
(gdb) disas main
Dump of assembler code for function main:
0x80483f8 :push %ebp
0x80483f9 :mov %ebp,%esp
0x80483fb :sub %esp,16 //함수 프롤로그 과정 16의 크기를 확보하..