Source: alexpark's GitHub (https://github.com/alexpark07/KISS/blob/master/seeteef/execute_ctf_binary.md)
local test
alex@ubuntu:~/hack/CTF_Code/shellcode$ shellcraft cat ./flag -f r | ./demo -
Read 57 bytes of shell code. Here goes.
~~~ Running shellcode ~~~
The flag is: 54f6ea7093d2582f6b32ed396c048c8a
Segmentation fault
remote test
alex@ubuntu:~/hack/CTF_Code/shellcode$ cat run.sh
#!/bin/sh
socat TCP-LISTEN:31337,reuseaddr,fork EXEC:"$1"
Run
./run.sh "./demo -"
Attack
shellcraft cat ./flag -f r | nc localhost 31337
Result:
alex@ubuntu:~$ shellcraft cat ./flag -f r | nc localhost 31337
The flag is: 54f6ea7093d2582f6b32ed396c048c8a
Combining with strace
socat TCP-LISTEN:31337,reuseaddr,fork EXEC:"strace -f $1"
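What the socat wrapper above does for each connection, written out in Python as an added example (not code from the original post or from socat). `serve` and `send_payload` are hypothetical helper names; the listener binds to loopback only, and a timeout reaps children that hang.

```python
import socket
import subprocess
import threading


def serve(argv, host="127.0.0.1", port=31337, timeout=10):
    """Rough equivalent of: socat TCP-LISTEN:port,reuseaddr,fork EXEC:"argv"."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)  # reuseaddr
    listener.bind((host, port))  # loopback only: the target runs whatever it is sent
    listener.listen(16)

    def handle(conn):
        with conn:
            try:
                # EXEC: the socket becomes the child's stdin (fd 0) and stdout (fd 1).
                # stderr stays on the server terminal, which is where the
                # `strace -f` output of the variant above ends up as well.
                subprocess.run(argv, stdin=conn.fileno(), stdout=conn.fileno(),
                               timeout=timeout)
            except subprocess.TimeoutExpired:
                pass  # run() already killed the child; just drop the connection

    def accept_loop():
        while True:
            conn, _ = listener.accept()
            # fork: one worker per client, so a crashed child never stops the listener
            threading.Thread(target=handle, args=(conn,), daemon=True).start()

    threading.Thread(target=accept_loop, daemon=True).start()
    return listener


def send_payload(host, port, payload):
    """Client side, like `... | nc host port`: send bytes, half-close, read the reply."""
    with socket.create_connection((host, port), timeout=5) as s:
        s.sendall(payload)
        s.shutdown(socket.SHUT_WR)  # EOF on the child's stdin
        chunks = []
        while chunk := s.recv(4096):
            chunks.append(chunk)
    return b"".join(chunks)


if __name__ == "__main__":
    serve(["./demo", "-"])       # same target as ./run.sh "./demo -"
    threading.Event().wait()     # keep serving until interrupted
```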
It can also be used together with xinetd.
#/etc/xinetd.d/sb
service sb
{
socket_type = stream
protocol = tcp
user = root
wait = no
server = /root/pwntw/sb/silver_bullet
port = 10101
}
#vi /etc/services
sb 10101/tcp # add as the last line.