FILE <== _IO_FILE
char* _IO_read_ptr; /* Current read pointer */
char* _IO_read_end; /* End of get area. */
char* _IO_read_base; /* Start of putback+get area. */
char* _IO_write_base; /* Start of put area. */
char* _IO_write_ptr; /* Current put pointer. */
char* _IO_write_end; /* End of put area. */
char* _IO_buf_base; /* Start of reserve area. */
char* _IO_buf_end; /* End of reserve area. */
char *_IO_save_base; /* Pointer to start of non-current get area. */
char *_IO_backup_base; /* Pointer to first valid character of backup area */
char *_IO_save_end; /* Pointer to end of non-current get area. */
struct _IO_marker *_markers;
struct _IO_FILE *_chain;
int _fileno;
printf("_IO_read_ptr; %x\n"
"_IO_read_end; %x\n"
"_IO_read_base; %x\n"
"_IO_write_base; %x\n"
"_IO_write_ptr; %x\n"
"_IO_write_end; %x\n"
"_IO_buf_base; %x\n"
"_IO_buf_end; %x\n"
"_IO_save_base; %x\n"
"_IO_backup_base; %x\n"
"_IO_save_end; %x\n"
"_fileno : %x\n",
fp->_IO_read_ptr,
fp->_IO_read_end,
fp->_IO_read_base,
fp->_IO_write_base,
fp->_IO_write_ptr,
fp->_IO_write_end,
fp->_IO_buf_base,
fp->_IO_buf_end,
fp->_IO_save_base,
fp->_IO_backup_base,
fp->_IO_save_end,
fp->_fileno);
'Research > Pwnable' 카테고리의 다른 글
| Format String Bug python frame (0) | 2014.06.27 |
|---|---|
| 보호기법 정리중 (2) | 2014.04.24 |
| SHA 512, /etc/shadow decrypt (0) | 2014.01.12 |
| FreeBSD 에서 proc 디렉토리에 PID 가 없을때 (0) | 2013.11.07 |
| [shellcode] FreeBSD x86 Reverse Read shell (0) | 2013.08.06 |