전체 글

정보보안 블로그!
공부/Write-up

[DreamHack] rev-basic-4

풀이 : www.notion.so/DreamHack-rev-basic-4-9cfd2a8d611c4bc5955bd3d6e34a87fd [DreamHack] rev-basic-4 EXEINFO www.notion.so

공부/Write-up

[DreamHack] basic_exploitation_002

www.notion.so/DreamHack-basic_exploitation_002-372ea10bb46447ee9ca75f703ca3cd0f

스크랩

VMware 취약점 주의…해커들 쇼단 사용해 취약한 서버 찾는 중(CVE-2021-21972)

www.dailysecu.com/news/articleView.html?idxno=121284 VMware 취약점 주의…해커들 쇼단 사용해 취약한 서버 찾는 중 - 데일리시큐 중국 보안연구원이 VMware(브이엠웨어) 센터의 CVE-2021-21972 취약점에 대한 PoC(개념 증명 익스플로잇) 코드를 게시했으며 수천 개의 취약한 서버가 온라인에 노출되었다.이 서버는 VMware용 중앙 집중 www.dailysecu.com https://www.vmware.com/security/advisories/VMSA-2021-0002.htmlwww.vmware.com/security/advisories/VMSA-2021-0002.html Proof of concept At the time this blog pos..

스크랩

Windows 10 bug corrupts your hard drive on seeing this file's icon

www.bleepingcomputer.com/news/security/windows-10-bug-corrupts-your-hard-drive-on-seeing-this-files-icon/?fbclid=IwAR2AZTxFkN1Dp-LmcTycr_e1F4l5EpDPsEiU7Etswe9PLksb1KLxr8MxTWw Windows 10 bug corrupts your hard drive on seeing this file's icon An unpatched zero-day in Microsoft Windows 10 allows attackers to corrupt an NTFS-formatted hard drive with a one-line command. www.bleepingcomputer.com

스크랩

Finding Forensic Goodness In Obscure Windows Event Logs

nasbench.medium.com/finding-forensic-goodness-in-obscure-windows-event-logs-60e978ea45a3 Finding Forensic Goodness In Obscure Windows Event Logs Digital Forensics and Threat Hunting for Artifacts In Obscure Windows Event Logs nasbench.medium.com

스크랩

Google shares PoC exploit for critical Windows 10 Graphics RCE bug

www.bleepingcomputer.com/news/security/google-shares-poc-exploit-for-critical-windows-10-graphics-rce-bug/?fbclid=IwAR17UygrvOGVZ3LDH1whw2uMSWnCCHA6wCNC7KcAYI-xrVcje_yPB9Jzi8k Google shares PoC exploit for critical Windows 10 Graphics RCE bug Project Zero, Google's 0day bug-hunting team, shared technical details and proof-of-concept (PoC) exploit code for a critical remote code execution (RCE) b..

공부/Write-up

[DreamHack] basic_exploitation_001

www.notion.so/DreamHack-basic_exploitation_001-2042f71772224b0a880175f9f5082b0e [DreamHack] basic_exploitation_001 NX가 enabled이므로 ShellCode 실행 불가. www.notion.so

공부/Write-up

[DreamHack] basic_exploitation_000

www.notion.so/DreamHack-basic_exploitation_000-9a65dbf0a4d24a6994fe559291e685f4 [DreamHack] basic_exploitation_000 NX가 disabled이므로 ShellCode의 실행이 가능해짐. www.notion.so

공부/Write-up

[DreamHack] rev-basic-3

메모리에 있는 값과 (i xor 입력한 문자) + i*2비교 한다. 따라서 그냥 역연산하면 flag를 얻을 수 있다. (메모리에 있는 값 - i*2) xor i

공부/Write-up

[DreamHack] rev-basic-2

Source Code into Compare_str() &aC에 저장된 문자열과 a1(사용자 입력 값)을 하나씩 비교 &aC에 저장된 값을 확인 Clear;

a2sembly
CALL DWORD PTR DS:[a2sembly]