2016/12 썸네일형 리스트형 [2016/12/27] ~ 2016/12/31 보호되어 있는 글입니다. 더보기 [System Hacking] 4. Memory Mitigations on Linux and Windows Memory Mitigations on Linux and WindowsThere are lots of memory mitigations on operation system like linux and windows. There are ASLR, NX, SSP(Stack Canary), PIE, etc... - On Linux1. ASLR(Address Space Layout Randomize)Enables randomization of memory allocation segments like stack, heap, vsdo, mmap, etc... So those base addresses will be randomize each every time. And we can set the value that .. 더보기 [System Hacking] 3. Return To Library(RTL) Return To LibraryThis time, i gonna introduce about RTL attack techniques(Return To Library). This technique is usually used to bypass memory mitigation, NX(Non eXecutable). When NX is enabled, there isn't 'eXecutable' permission so even shellcode that executes /bin/sh is in stack, it won't be executed.Then, what is RTL? RTL is a technique that overwriting RET with library function address like .. 더보기 [System Hacking] 2. Basic Format String Bug Basic Format String Bug This time, i gonna introduce about FSB(Format String Bug) exploit technique. Before i introduce about a technique, let's see what kind of format strings are there.There are lots of format strings but let's see just 2 format strings what we mainly need. 123format string Value Output %n number of bytes written so far writes the number of bytes till the format string to memo.. 더보기 [System Hacking] 1. Basic Buffer Over Flow Exploit Basic Buffer Over Flow Exploit Today, i gonna introduce about BOF(Buffer Over Flow) Exploit Techniques. Buffer Over Flow means putting more data than limited size, so we can overwrite next buffer data. and next buffer data could be the other data or RET. That is real purpose of us.All we need to do is just finding vulnerable codes that allow us to overwrite next data caused by misusing kind of i.. 더보기 이전 1 2 3 다음