level 9 -> 10 [vampire@localhost vampire]$ cat skeleton.c /* The Lord of the BOF : The Fellowship of the BOF - skeleton - argv hunter*/ #include #include extern char **environ; main(int argc, char *argv[]){char buffer[40];int i, saved_argc; if(argc < 2){printf("argv error\n");exit(0);} // egghunter for(i=0; environ[i]; i++)memset(environ[i], 0, strlen(environ[i])); if(argv[1][47] != '\xbf'){printf("stack is s.. 더보기 level 8 -> 9 [troll@localhost test]$ cat ../vampire.c /* The Lord of the BOF : The Fellowship of the BOF - vampire - check 0xbfff*/ #include #include main(int argc, char *argv[]){char buffer[40]; if(argc < 2){printf("argv error\n");exit(0);} if(argv[1][47] != '\xbf'){printf("stack is still your friend.\n");exit(0);} // here is changed! if(argv[1][46] == '\xff') { printf("but it's not forever\n"); exit(0); } .. 더보기 level 7 -> 8 [orge@localhost orge]$ cat troll.c /* The Lord of the BOF : The Fellowship of the BOF - troll - check argc + argv hunter*/ #include #include extern char **environ; main(int argc, char *argv[]){char buffer[40];int i; // here is changedif(argc != 2){printf("argc must be two!\n");exit(0);} // egghunter for(i=0; environ[i]; i++)memset(environ[i], 0, strlen(environ[i])); if(argv[1][47] != '\xbf'){pri.. 더보기 이전 1 ··· 16 17 18 19 20 21 22 ··· 27 다음
