LEVEL16 (assassin -> zombie_assassin) : fake ebp
zombie_assassin.c #include #include main(int argc, char *argv[]){ char buffer[40]; if(argc < 2){ printf("argv error\n"); exit(0); } if(argv[1][47] == '\xbf') { printf("stack retbayed you!\n"); exit(0); } if(argv[1][47] == '\x40') { printf("library retbayed you, too!!\n"); exit(0); } // strncpy instead of strcpy! strncpy(buffer, argv[1], 48); printf("%s\n", buffer);} zombie_assassin은 strcpy가 아닌 s..
SYSTEM/bof
2013. 8. 23. 16:50
최근에 올라온 글
최근에 달린 댓글
- Total
- Today
- Yesterday