Security/System Hacking

[System Hacking] 8. Several System Tricks
This is a protected post.

[System Hacking] 7. Several Leaking & Stack Smashing Techniques
This is a protected post.

[System Hacking] 6. SigReturn Oriented Programming
This time I'm going to post about SROP on x86 and x86-64 Linux (Ubuntu). When I solved the pwnable.kr 'unexploitable' challenge, there were over 2 ways to solve it. One is SROP (the originally intended solution) and another is ROP. So I just decided to post about the SROP technique. Surely there are differences between ROP and SROP. In short, when doing SROP, all we need is 'int 0x80;ret' and control of eax gadgets lik..

[System Hacking] 5. Return Oriented Programming
This time I'm going to introduce the ROP attack (Return Oriented Programming). Before doing ROP, some prior knowledge is needed: 'RTL Chaining', 'GOT Overwrite/Dereference', 'Gadget', etc. - RTL Chaining: 'RTL Chaining' means RTL calls executed one after another. By using a pop-..-ret gadget, the function's arguments are popped by 'pop' and the next function is executed by 'ret'. and goin..

[System Hacking] 4. Memory Mitigations on Linux and Windows
There are lots of memory mitigations in operating systems like Linux and Windows: ASLR, NX, SSP (Stack Canary), PIE, etc. - On Linux 1. ASLR (Address Space Layout Randomization): Enables randomization of memory segments like the stack, heap, vdso, mmap, etc., so their base addresses are randomized every time. And we can set the value that ..