LEVEL14 (bugbear -> giant) : RTL2, only execve
#include #include #include main(int argc, char *argv[]) { char buffer[40]; FILE *fp; char *lib_addr, *execve_offset, *execve_addr; char *ret; if(argc < 2){ printf("argv error\n"); exit(0); } // gain address of execve fp = popen("/usr/bin/ldd /home/giant/assassin | /bin/grep libc | /bin/awk '{print $4}'", "r"); fgets(buffer, 255, fp); sscanf(buffer, "(%x)", &lib_addr); fclose(fp); fp = popen("/us..
SYSTEM/bof
2013. 7. 19. 14:02
최근에 올라온 글
최근에 달린 댓글
- Total
- Today
- Yesterday