๐Ÿ” ๋ณด์•ˆ,์ •๋ณด๋ณดํ˜ธ

    ๐Ÿ” ๋ณด์•ˆ,์ •๋ณด๋ณดํ˜ธ/๐Ÿ“˜ [STYDY] ๋ฆฌ๋ฒ„์‹ฑ

    [Whois-Internal] "EasyReverseMe" Write-Up

    ํ”„๋กœ๊ทธ๋žจ์„ ๋ฐ”๋กœ ์‹คํ–‰ํ•œ ํ™”๋ฉด์ด๋‹ค. ํŠน์ • ์ˆซ์ž๋ฅผ ๋ฌผ์–ด๋ณด๊ณ , ์ด์— ๋”ฐ๋ฅธ ์ž…๋ ฅ์„ ๋ฐ›๋Š”๋‹ค ์‚ฌ์šฉ์ž์˜ ์ž…๋ ฅ์„ ๋ฐ›์œผ๋ฉด ์•„์‰ฝ๋„ค์š”.. ๋ผ๋Š” ํ…์ŠคํŠธ๋ฅผ ์ถœ๋ ฅํ•œ๋‹ค. ์ด๋ฅผ ํ†ตํ•ด ๋‚˜๋Š” ๋‹ค์Œ 2๊ฐ€์ง€๋ฅผ ์œ ์ถ”ํ–ˆ๋‹ค: 1) ์ฒซ๋ฒˆ์งธ ํ…์ŠคํŠธ๊ฐ€ ์ฐํžˆ๋Š” ๊ณณ์ด main ํ•จ์ˆ˜์ผ ๊ฒƒ์ด๋‹ค 2) ์ž…๋ ฅ๊ฐ’๊ณผ ํŠน์ • ์ˆซ์ž or ๋‚œ์ˆ˜๋ฅผ ๋น„๊ตํ•˜๋Š” ๋ถ€๋ถ„์ด ๋ถ„๋ช… ์กด์žฌํ•  ๊ฒƒ์ด๋‹ค EasyReverseMe.exe ํŒŒ์ผ์„ x64dbg๋กœ ์—ฐ ํ™”๋ฉด์ด๋‹ค. ์œ„์—์„œ ์ƒ๊ฐํ•œ ๋ฐ”์™€ ๊ฐ™์ด ํ™•์ธํ•˜๊ธฐ ์œ„ํ•ด, ์šฐ์„  ์ „์ฒด ํ…์ŠคํŠธ๋ฅผ ์กฐํšŒํ–ˆ๋‹ค. ํ”„๋กœ๊ทธ๋žจ ๋‚ด์˜ ์ „์ฒด ๋ฌธ์ž์—ด๋“ค์„ ํ™•์ธํ•œ ๊ฒฐ๊ณผ์ด๋‹ค. ์•„๊นŒ ํ™•์ธํ•œ ์งˆ์˜๋ฌธ๊ณผ ๋ฐ‘์— ๊ฐœ๋ฐœ์ž๊ฐ€ ์ž…๋ ฅํ•œ ๊ฒƒ์œผ๋กœ ๋ณด์ด๋Š” ๋‹ค์–‘ํ•œ ๋ฌธ์ž์—ด์ด ์กด์žฌํ•œ๋‹ค. ์šฐ์„  main ํ•จ์ˆ˜๋ถ€ํ„ฐ ํ™•์ธํ•˜๊ณ ์ž ์งˆ์˜๋ฌธ์œผ๋กœ ๋“ค์–ด๊ฐ€ ๋ณด์•˜๋‹ค. ์งˆ์˜๋ฌธ์„ ๋”ฐ๋ผ ๋“ค์–ด๊ฐ„ ๊ฒฐ๊ณผ ์˜ˆ์ƒ๋Œ€๋กœ cmp๋ฅผ ํ†ตํ•ด ๊ฐ’์„ ๋น„๊ตํ•˜๋Š” ..

    ๐Ÿ” ๋ณด์•ˆ,์ •๋ณด๋ณดํ˜ธ/๐Ÿ“˜ [STYDY] ๋ฆฌ๋ฒ„์‹ฑ

    [root-me.org] "reversing - PE x86 -0 protection" Write Up

    ์šฐ์„  ํŒŒ์ผ๋ถ€ํ„ฐ ์—ด์—ˆ๋‹ค. ๋ญ๊ฐ€ ๋งŽ๋‹ค. ๊ฐœ์ซ„๋ฆฐ๋‹ค ์šฐ์„  main ํ•จ์ˆ˜๋ฅผ ์ฐพ์•„์•ผ ํ•˜๊ธฐ ๋•Œ๋ฌธ์— ํ”„๋กœ๊ทธ๋žจ์—์„œ ์‚ฌ์šฉ๋˜๋Š” ๋ชจ๋“  ํ…์ŠคํŠธ๋ฅผ ๊ฒ€์ƒ‰ํ–ˆ๋‹ค ๋ˆ„๊ฐ€๋ด๋„ ์‚ฌ๋žŒ์ด ์“ด ๊ฒƒ ๊ฐ™์€ ์˜์–ด๋ฌธ์žฅ์ด ๋ฐ˜๊ฒจ์ค€๋‹ค. ํ•œ๊ธ€์ด ์•„๋‹ˆ๋ผ ๋‹นํ™ฉํ–ˆ์ง€๋งŒ ์™ธ๊ตญ๋ฌธ์ œ๋‹ˆ ๊ทธ๋Ÿฌ๋ ค๋‹ˆ ํ–ˆ๋‹ค. ์˜์‹ฌ์Šค๋Ÿฌ์šด ๋ฌธ์žฅ๋“ค์ด ๋ชจ์—ฌ์žˆ๋Š” ์œ„์น˜๋กœ ์ด๋™ํ•˜๊ธฐ ์œ„ํ•ด 6๋ฒˆ์งธ ํ•ญ๋ชฉ์„ ๋”๋ธ”ํด๋ฆญ ํ–ˆ๋‹ค. ์ฝ”๋“œ ์œ„๋ฅผ ๋ณด๋‹ˆ push ebp; move ebp esp;๊ฐ€ ์žˆ๋Š” ๊ฒƒ์„ ๋ณด๋‹ˆ ์Šคํƒํ”„๋ ˆ์ž„์ด ์ ์šฉ๋œ ๊ฒƒ ๊ฐ™๋‹ค. ๋‹ค์‹œ ๋งํ•ด ์–ด๋–ค ํ•จ์ˆ˜์˜ ์‹คํ–‰์ด ์‹œ์ž‘๋˜๋Š” ๋ถ€๋ถ„์ด๋‹ˆ, ์ž˜ ์ฐพ์•„ ๋“ค์–ด์˜จ ๋“ฏ ํ•˜๋‹ค. ์—ฌ๊ธฐ๋ถ€ํ„ฐ ํ•œ์ฐธ ํ•ด๋งธ๋‹ค. ์šฐ์„  F8์„ ๋ˆ„๋ฅด๋ฉด์„œ ์ญ‰ ์‹คํ–‰์„ ํ–ˆ๋Š”๋ฐ, ๊ฐ‘์ž๊ธฐ ์ค‘๊ฐ„์— ๋šํ•˜๊ณ  ๊บผ์ ธ๋ฒ„๋ ธ๋‹ค. ๋‹นํ™ฉํ•˜์—ฌ ํ•จ์ˆ˜ ์‹œ์ž‘๋ถ€๋ถ„์— Breakpoint ๊ฑธ๊ณ  ๊ณ„์† ์‹คํ–‰์„ ํ–ˆ๊ณ , ๋‚˜์ค‘์—๋Š” ์ฐฝ์ด ์•„๋ž˜์™€ ๊ฐ™์ด ๋ฐ”๋€Œ์—ˆ๋‹ค: ๋ช‡๋ฒˆ ๋Œ๋ ค..

    ๐Ÿ” ๋ณด์•ˆ,์ •๋ณด๋ณดํ˜ธ/๐Ÿ“˜ [STYDY] ๋ฆฌ๋ฒ„์‹ฑ

    [ Assembly ] ์–ด์…ˆ๋ธ”๋ฆฌ ํ•ธ๋“œ๋ ˆ์ด

    Q1 |----------------- Q1 : push ebp mov ebp,esp sub esp,0x10 mov DWORD PTR [ebp-0x4],0xa mov eax,DWORD PTR [ebp-0x4] mov DWORD PTR [ebp-0x8],eax mov eax,DWORD PTR [ebp-0x8] imul eax,eax,0x17 mov DWORD PTR [ebp-0x8],eax mov eax,DWORD PTR [ebp-0x8] sub eax,DWORD PTR [ebp-0x4] mov DWORD PTR [ebp-0xc],eax mov eax,DWORD PTR [ebp-0xc] cdq idiv DWORD PTR [ebp-0x4] mov DWORD PTR [ebp-0x4],eax mov eax,0x..

    ๐Ÿ” ๋ณด์•ˆ,์ •๋ณด๋ณดํ˜ธ/๐Ÿ“˜ [STUDY] ์ทจ์•ฝ์ 

    [ SQL Injection ] webhacking.kr - 21

    # reference: https://wisdom-990629.tistory.com/entry/Webhackingkr-old-02%EB%B2%88-%EB%AC%B8%EC%A0%9C-%ED%92%80%EC%9D%B4-1 [Webhacking.kr] old-21๋ฒˆ ๋ฌธ์ œ ํ’€์ด ์•ˆ๋…•ํ•˜์„ธ์š” (*๏ฟฃ3๏ฟฃ)โ•ญ ์˜ค๋Š˜๋„ ์ƒˆ๋กœ์šด ๋ฌธ์ œ๋ฅผ ํ’€์–ด๋ณด์•˜์Šต๋‹ˆ๋‹น! https://webhacking.kr/challenge/bonus-1/ Challenge 21 webhacking.kr ๋ฌธ์ œ์ž…๋‹ˆ๋‹ค! ์•„๋ฌด ๋ฌธ์ œ๋‚˜ ๊ณ ๋ฅธ๋‹ค๊ณ  ๊ณจ๋ž๋Š”๋ฐใ…  ๋˜ blind sql injection ๋ฌธ.. wisdom-990629.tistory.com ์•„์ง ๋ฌธ์ œํ’€์ด๋ฅผ ์ดํ•ดํ•˜์ง€๋„, ์™œ ๋˜๋Š”์ง€๋„ ์ดํ•ดํ•˜์ง€ ๋ชปํ–ˆ๋‹ค (๋‹ค์‹œ ํ’€์–ด๋ด์•ผ ํ•จ)

    ๐Ÿ” ๋ณด์•ˆ,์ •๋ณด๋ณดํ˜ธ/๐Ÿ“˜ [STUDY] ํฌ๋ Œ์‹

    [ Forensic ] ์Šคํ„ฐ๋””๋งต

    # ๋ฌธ์ œ๋ชจ์Œ 1. Suninatas ( http://suninatas.com ) ใ„ด 21๋ฒˆ | https://devwaffle.tistory.com/15 ใ„ด 30๋ฒˆ | https://devwaffle.tistory.com/23 2. XCZ ( http://xcz.kr ) 3. DigitalForensic with CTF ( http://www.ctf-d.com/Notice ) 4. Cyber Defenders ( https://learn.cyberdefenders.org/ ) 5. Dreamhack ( https://dreamhack.io/wargame/challenges/?tag=&page=1 ) 6. N0Named Wargame ( http://ctf.no-named.kr:1234/ ) ใ„ด Magic..

ํ‹ฐ์Šคํ† ๋ฆฌํˆด๋ฐ”