분류 전체보기
[Phoenix] Format one
1. intro 2. code 및 분석 2.1. C code /* * phoenix/format-one, by https://exploit.education * * Can you change the "changeme" variable? * * Why did the Tomato blush? It saw the salad dressing! */ #include #include #include #include #include #define BANNER \ "Welcome to " LEVELNAME ", brought to you by https://exploit.education" int main(int argc, char **argv) { struct { char dest[32]; volatile int c..
[Phoenix] Format zero
1. intro 2. code 및 분석 2.1. C code /* * phoenix/format-zero, by https://exploit.education * * Can you change the "changeme" variable? * * 0 bottles of beer on the wall, 0 bottles of beer! You take one down, and * pass it around, 4294967295 bottles of beer on the wall! */ #include #include #include #include #include #define BANNER \ "Welcome to " LEVELNAME ", brought to you by https://exploit.educ..
[Phoenix] Stack six
1. intro 2. code 및 분석 2.1. C code /* * phoenix/stack-six, by https://exploit.education * * Can you execve("/bin/sh", ...) ? * * Why do fungi have to pay double bus fares? Because they take up too * mushroom. */ #include #include #include #include #include #define BANNER \ "Welcome to " LEVELNAME ", brought to you by https://exploit.education" char *what = GREET; char *greet(char *who) { char buf..
[Phoenix] Stack five
1. intro 2. code 및 분석 2.1. C code /* * phoenix/stack-five, by https://exploit.education * * Can you execve("/bin/sh", ...) ? * * What is green and goes to summer camp? A brussel scout. */ #include #include #include #include #define BANNER \ "Welcome to " LEVELNAME ", brought to you by https://exploit.education" char *gets(char *); void start_level() { char buffer[128]; gets(buffer); } int main(i..
[Phoenix] Stack four
1. intro 2. code 및 분석 2.1. C code /* * phoenix/stack-four, by https://exploit.education * * The aim is to execute the function complete_level by modifying the * saved return address, and pointing it to the complete_level() function. * * Why were the apple and orange all alone? Because the bananna split. */ #include #include #include #include #include #define BANNER \ "Welcome to " LEVELNAME ", b..
[Phoenix] Stack three
1. intro 2. code 및 분석 2.1. C code /* * phoenix/stack-three, by https://exploit.education * * The aim is to change the contents of the changeme variable to 0x0d0a090a * * When does a joke become a dad joke? * When it becomes apparent. * When it's fully groan up. * */ #include #include #include #include #include #define BANNER \ "Welcome to " LEVELNAME ", brought to you by https://exploit.educatio..
[phoenix] Stack Two
1. intro 2. code 및 분석 2.1. C code /* * phoenix/stack-two, by https://exploit.education * * The aim is to change the contents of the changeme variable to 0x0d0a090a * * If you're Russian to get to the bath room, and you are Finnish when you get * out, what are you when you are in the bath room? * * European! */ #include #include #include #include #include #define BANNER \ "Welcome to " LEVELNAME ..
[Phoenix] Stack One
1. intro 2. code 및 분석 2.1. C code /* * phoenix/stack-one, by https://exploit.education * * The aim is to change the contents of the changeme variable to 0x496c5962 * * Did you hear about the kid napping at the local school? * It's okay, they woke up. * */ #include #include #include #include #include #define BANNER \ "Welcome to " LEVELNAME ", brought to you by https://exploit.education" int main..
[Phoenix] Stack Zero
1. intro 2. code 및 분석 2.1. C code /* * phoenix/stack-zero, by https://exploit.education * * The aim is to change the contents of the changeme variable. * * Scientists have recently discovered a previously unknown species of * kangaroos, approximately in the middle of Western Australia. These * kangaroos are remarkable, as their insanely powerful hind legs give them * the ability to jump higher t..
Phoenix 환경 설정 및 참고사항.
* QEMU 보통 vmware로 제공되는데, phoenix의 경우 QEMU로 실행되기 때문에 처음 접하면 초기 셋업이 다소 생소하다. 1. linux 우선 터미널에서 qemu 설치한다. sudo apt update sudo apt install qemu sudo apt install qemu-system 아래 site에서 이미지를 다운 받고 Downloads :: Andrew Griffiths' Exploit Education Downloads :: Andrew Griffiths' Exploit Education Downloads Phoenix v1.0.0-alpha-3, 16th January 2019 For information about what’s changed, please see the Pho..