123456int __cdecl main(int argc, const char **argv, const char **envp){ be_nice_to_people(); vulnerable_function(); return write(1, "Hello, World\n", 0xDu);}Colored by Color Scriptercs 123456ssize_t vulnerable_function(){ char buf; // [esp+10h] [ebp-88h] return read(0, &buf, 0x100u);}Colored by Color Scriptercs rop1과 rop2에는 not_called함수가 있었다. not_called를 직접 호출하거나 not_called 안에 system함수가 있었기때문에 s..

123456int __cdecl main(int argc, const char **argv, const char **envp){ be_nice_to_people(); vulnerable_function(); return write(1, "Hello, World\n", 0xDu);}Colored by Color Scriptercs 123456ssize_t vulnerable_function(){ char buf; // [esp+10h] [ebp-88h] return read(0, &buf, 0x100u);}Colored by Color Scriptercs 1234int not_called(){ return system("/bin/date");}cs rop1과 매우 비슷하다. not_called가 syste..

123456int __cdecl main(int argc, const char **argv, const char **envp){ be_nice_to_people(); vulnerable_function(); return write(1, "Hello, World\n", 0xDu);}Colored by Color Scriptercs 123456ssize_t vulnerable_function(){ char buf; // [esp+10h] [ebp-88h] return read(0, &buf, 0x100u);}Colored by Color Scriptercs 1234int not_called(){ return system("/bin/bash");}cs vulnerable_function에서 buf 오버플로우가..