graduate school of information security min chul, kim hacking – the art of exploitation ox28o...
TRANSCRIPT
![Page 1: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/1.jpg)
Graduate School of Information Security
MIN CHUL, KIM
HACKING – THE ART OF EXPLOITATIONOx28O BUILDING ON BASIC - ANALYSIS SOURCE CODE
![Page 2: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/2.jpg)
CONTENTS• Simplenote.c• Bitwise.c• Functioncontrol_flags.c• UserID_demo.c• Notetaker.c• Notesearch.c • Time_example.c• Functionponter_example.c• Rand_example.c• Game_of_chance.c
![Page 3: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/3.jpg)
SIMPLENOTE.C
Permission part
![Page 4: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/4.jpg)
IMPLEMENT SIMPLENOTE.C
![Page 5: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/5.jpg)
IMPLEMENT SIMPLENOTE.C
BUFFER OVER-FLOW
memory
File save location
Buffer destination
Buffer start
![Page 6: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/6.jpg)
IMPLEMENT SIMPLENOTE.C
![Page 7: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/7.jpg)
BITWISE.C
i 1 2 a=i&2 b=i&1
0 00 01 10 0 0
1 01 01 10 0 1
2 10 01 10 1 0
3 11 01 10 1 1
![Page 8: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/8.jpg)
IMPLEMENT BITWISE.C
![Page 9: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/9.jpg)
FUNCTIONCONTROL_FLAGS.C
♧
mask shift
♧
value=0
![Page 10: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/10.jpg)
IMPLEMENT FCNTL_FLAGS.C
![Page 11: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/11.jpg)
FILE PERMISSIONS
-rw-r-r-- 1 nare nare 1872 2014-09-17 12:57simplenote.
c
permission link user group file size date time file nameDe-tail
![Page 12: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/12.jpg)
FILE PERMISSIONS
ownership group othersr
readw
writex
operate r w x r w x
4 2 1 4 - 1 - 2 -7 5 2
Change ownership chown [ownership][.group] [file name]
Change permission chmod [number or symbol] [file name]
-rw-r-r-- 1 nare nare 1872 2014-09-17 12:57simplenote.
c
permission link user group file size date time file name
Symbol u ownership + add permission
g group - del permission
o others = only permission
a all s file owned user
![Page 13: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/13.jpg)
USER IDs
Change shell user login shell
![Page 14: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/14.jpg)
USER IDs
Locked
![Page 15: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/15.jpg)
HACKING.h
Making header file
Easy to use function
![Page 16: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/16.jpg)
NOTETAKER.c
![Page 17: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/17.jpg)
IMPLEMENT NOTETAKER.c
User id
![Page 18: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/18.jpg)
NOTESEARCH.c
![Page 19: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/19.jpg)
NOTESEARCH.c
![Page 20: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/20.jpg)
NOTESEARCH.c
![Page 21: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/21.jpg)
IMPLEMENT NOTESEARCH.c
Independent
![Page 22: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/22.jpg)
TIME_EXAMPLE.C
![Page 23: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/23.jpg)
TIME_EXAMPLE2.C
![Page 24: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/24.jpg)
IMPLEMENT TIME_EXAMPLE2.C
![Page 25: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/25.jpg)
FUNCTION POINTER.C
![Page 26: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/26.jpg)
RAND_EXAMPLE.C
![Page 27: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/27.jpg)
RAND_EXAMPLE.C
Different
![Page 28: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/28.jpg)
GAME OF CHANCE.C
![Page 29: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/29.jpg)
GAME OF CHANCE.C
![Page 30: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/30.jpg)
GAME OF CHANCE.C
![Page 31: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/31.jpg)
GAME OF CHANCE.C
![Page 32: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/32.jpg)
GAME OF CHANCE.C
![Page 33: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/33.jpg)
GAME OF CHANCE.C
![Page 34: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/34.jpg)
GAME OF CHANCE.C
![Page 35: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/35.jpg)
GAME OF CHANCE.C
![Page 36: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/36.jpg)
GAME OF CHANCE.C
![Page 37: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/37.jpg)
GAME OF CHANCE.C
![Page 38: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/38.jpg)
GAME OF CHANCE.C
![Page 39: Graduate School of Information Security MIN CHUL, KIM HACKING – THE ART OF EXPLOITATION Ox28O BUILDING ON BASIC - ANALYSIS SOURCE CODE](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ea05503460f94ba2d76/html5/thumbnails/39.jpg)
PLAY‘GAME OF CHANCE’
I didn’t win the game. T_T