분석하려다 귀찮아서 대충 생겨먹은거 보니깐 side-channel attack 가능할거 같아서 gdb script를 짯다.
import gdb
import ctypes
import string
Agnes en_US # Isn't it nice to have a computer that will talk to you? | |
Albert en_US # I have a frog in my throat. No, I mean a real frog! | |
Alex en_US # Most people recognize me by my voice. | |
Alice it_IT # Salve, mi chiamo Alice e sono una voce italiana. | |
Alva sv_SE # Hej, jag heter Alva. Jag är en svensk röst. | |
Amelie fr_CA # Bonjour, je m’appelle Amelie. Je suis une voix canadienne. | |
Anna de_DE # Hallo, ich heiße Anna und ich bin eine deutsche Stimme. | |
Bad News en_US # The light you see at the end of the tunnel is the headlamp of a fast approaching train. | |
Bahh en_US # Do not pull the wool over my eyes. | |
Bells en_US # Time flies when you are having fun. |
Agnes en_US # Isn't it nice to have a computer that will talk to you? | |
Albert en_US # I have a frog in my throat. No, I mean a real frog! | |
Alex en_US # Most people recognize me by my voice. | |
Alice it_IT # Salve, mi chiamo Alice e sono una voce italiana. | |
Alva sv_SE # Hej, jag heter Alva. Jag är en svensk röst. | |
Amelie fr_CA # Bonjour, je m’appelle Amelie. Je suis une voix canadienne. | |
Anna de_DE # Hallo, ich heiße Anna und ich bin eine deutsche Stimme. | |
Bad News en_US # The light you see at the end of the tunnel is the headlamp of a fast approaching train. | |
Bahh en_US # Do not pull the wool over my eyes. | |
Bells en_US # Time flies when you are having fun. |
from pwn import * | |
from os import system | |
from time import sleep | |
context.terminal = ['tmux', 'splitw', '-h'] | |
r = process("./zergling") | |
r = remote("1.224.175.13", 30007) | |
for i in xrange(3): |
/** | |
* @file AntiRanSomware user mode engine | |
* @brief | |
* @ref | |
* @author Yonhgwhan, Roh (fixbrain@gmail.com) | |
* @date 2017/01/21 created. | |
* @copyright All rights reserved by Yonghwan, Roh. | |
**/ | |
#pragma once |
source code
https://github.com/junorouse/secuinside2017-pwn1
https://github.com/junorouse/secuinside2017-web1
https://github.com/junorouse/secuinside2017-web-2
desc: caches are deleted every 3 minutes.
""" | |
>>> e = ELF("./babypwn") | |
[*] '/media/psf/Home/junoim/3onedayonepwn/codegate/bp/babypwn' | |
Arch: i386-32-little | |
RELRO: Partial RELRO | |
Stack: Canary found | |
NX: NX enabled | |
PIE: No PIE | |
""" |