Today we'll start here:
While looking for a 'nice example' I found this page. I decided to use the sample code available there, so we should start from here:
Compiling and running the code should produce results similar to those described in the post:
Code for our COMPILER.sh looks like this:
Now we should be able to continue with some other example. This one I found here:
As you can see, this time we'll attack the strcmp() function. Our super-evil-shared-library is presented below:
Let's compile it again (using our bash-compiler script) and let's see the results:
Now, with our library loaded before the target_binary starts, we can control the interesting function(s). In this case, we are now able to show the password we are looking for. Checking the results again:
As you can see - using LD_PRELOAD - we found the valid password. ;)
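The same preload is visible from the defender's side: the dynamic loader reads LD_PRELOAD from the process environment at startup, and on Linux that environment is exposed as a NUL-separated block in /proc/<pid>/environ. The checker below is an added example, not code from the original post; the function names `find_preload` and `check_pid` are made up for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Find LD_PRELOAD in a NUL-separated environment block, the layout of
 * /proc/<pid>/environ. Returns a pointer to the value, or NULL if the
 * variable is absent. Unterminated trailing data is never matched. */
const char *find_preload(const char *env, size_t len)
{
    static const char key[] = "LD_PRELOAD=";
    const size_t klen = sizeof key - 1;
    size_t i = 0;

    while (i < len) {
        const char *entry = env + i;
        const char *end = memchr(entry, '\0', len - i);
        if (!end)
            break;                       /* truncated last entry: ignore */
        size_t elen = (size_t)(end - entry);
        /* The key must start the entry, so "XLD_PRELOAD=" does not match. */
        if (elen >= klen && memcmp(entry, key, klen) == 0)
            return entry + klen;
        i += elen + 1;
    }
    return NULL;
}

/* Inspect one process. Returns 1 if a non-empty LD_PRELOAD is set,
 * 0 if not, -1 if /proc/<pid>/environ could not be read. */
int check_pid(const char *pid)
{
    char path[64], buf[65536];
    snprintf(path, sizeof path, "/proc/%s/environ", pid);
    FILE *f = fopen(path, "rb");
    if (!f)
        return -1;
    size_t n = fread(buf, 1, sizeof buf, f);
    fclose(f);
    const char *v = find_preload(buf, n);
    if (v && *v)
        printf("pid %s: LD_PRELOAD=%s\n", pid, v);
    return (v && *v) ? 1 : 0;
}

int main(int argc, char **argv)
{
    /* With no argument, inspect this process itself. */
    return check_pid(argc > 1 ? argv[1] : "self") == 1;
}
```

The environ file reflects the environment the process was started with, which is the one the loader acted on, and reading another user's process requires matching privileges.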
Now let's think for a while about how it can be used to solve crackmes (or reverse malware)...? ;)
See you next time!
Special thanks goes to my Patreon: Daniel.
You are AWESOME! ;)
Cheers