[DreamHack] rev-basic-4
Write-up: www.notion.so/DreamHack-rev-basic-4-9cfd2a8d611c4bc5955bd3d6e34a87fd [DreamHack] rev-basic-4 EXEINFO www.notion.so
www.notion.so/DreamHack-basic_exploitation_002-372ea10bb46447ee9ca75f703ca3cd0f
www.dailysecu.com/news/articleView.html?idxno=121284 VMware vulnerability warning: hackers are using Shodan to find vulnerable servers - Daily Secu. A Chinese security researcher published PoC (proof-of-concept exploit) code for the CVE-2021-21972 vulnerability in VMware Center, and thousands of vulnerable servers were exposed online. This server is a centralized VMware .. www.dailysecu.com
https://www.vmware.com/security/advisories/VMSA-2021-0002.html Proof of concept At the time this blog pos..
www.bleepingcomputer.com/news/security/windows-10-bug-corrupts-your-hard-drive-on-seeing-this-files-icon/?fbclid=IwAR2AZTxFkN1Dp-LmcTycr_e1F4l5EpDPsEiU7Etswe9PLksb1KLxr8MxTWw Windows 10 bug corrupts your hard drive on seeing this file's icon An unpatched zero-day in Microsoft Windows 10 allows attackers to corrupt an NTFS-formatted hard drive with a one-line command. www.bleepingcomputer.com
nasbench.medium.com/finding-forensic-goodness-in-obscure-windows-event-logs-60e978ea45a3 Finding Forensic Goodness In Obscure Windows Event Logs Digital Forensics and Threat Hunting for Artifacts In Obscure Windows Event Logs nasbench.medium.com
www.bleepingcomputer.com/news/security/google-shares-poc-exploit-for-critical-windows-10-graphics-rce-bug/?fbclid=IwAR17UygrvOGVZ3LDH1whw2uMSWnCCHA6wCNC7KcAYI-xrVcje_yPB9Jzi8k Google shares PoC exploit for critical Windows 10 Graphics RCE bug Project Zero, Google's 0day bug-hunting team, shared technical details and proof-of-concept (PoC) exploit code for a critical remote code execution (RCE) b..
www.notion.so/DreamHack-basic_exploitation_001-2042f71772224b0a880175f9f5082b0e [DreamHack] basic_exploitation_001 NX is enabled, so shellcode cannot be executed. www.notion.so
www.notion.so/DreamHack-basic_exploitation_000-9a65dbf0a4d24a6994fe559291e685f4 [DreamHack] basic_exploitation_000 NX is disabled, so shellcode execution becomes possible. www.notion.so
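The value in memory is compared with (i xor input character) + i*2. So simply applying the inverse operation yields the flag: (value in memory - i*2) xor i
Source Code into Compare_str(): the string stored at &aC is compared with a1 (the user input value) one character at a time. Check the value stored at &aC. Clear;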