Reverse Engineering (18)

[Reverse Engineering] CodeEngn Basic RCE L15 WriteUp 📌 CodeEngn Basic RCE L15 WriteUp 1. Review the challenge and download the file 2. Extract the archive with 7-Zip File Manager --> find the application inside the 15 file 3. Run 15.exe, enter an arbitrary value and click the "Check it!" button --> a "Try Again!" pop-up appears 4. Open the 15 file in Immunity Debugger 5. Find where the code branches to the success string and the failure string --> set a BreakPoint on the branch and on the line below it 6. Run the debugger and check the register values # EAX register : 00000457 # 45B844 Address : 0x6160 ++ What this tells us : the Serial value for "CodeEngn" ==.. 2023. 11. 10.
[Reverse Engineering] CodeEngn Basic RCE L14 WriteUp ⛱️ CodeEngn Basic RCE L14 WriteUp 1. Review the challenge and download the file 2. Extract the archive with 7-Zip File Manager --> find the application inside the 14 file 3. Run 14.exe, enter an arbitrary value and click "Check" --> a message says the Serial is wrong 4. Open the file in Detect It Easy to gather information about it --> the file is packed with UPX ++ Haven't installed Detect It Easy yet? --> https://www.majorgeeks.com/ 5. Unpack the packed 14 file ++ UP.. 2023. 11. 10.
[Reverse Engineering] CodeEngn Basic RCE L13 WriteUp CodeEngn Basic RCE L13 WriteUp 1. Review the challenge and download the file 2. Extract the archive with 7-Zip File Manager --> find the application inside the 13 file 3. Run 13.exe, enter an arbitrary value and click "Enter" --> a message says the password is wrong 4. Open the file in Detect It Easy to gather information about it --> the file is a .NET binary 5. Download dnspy to analyze the file ++ Wondering how to download dnspy? --> https://alim11.tistory.com/484 [Debugging & Assembly] How to download and use the DnSpy tool 👾 What is DnSpy? DnSpy is a .NET assembly editing.. 2023. 11. 10.
[Reverse Engineering] CodeEngn Basic RCE L10 WriteUp 👢 CodeEngn Basic RCE L10 WriteUp 1. Review the challenge and download the file 2. Extract the archive with Bandizip --> find the application inside the 10 file 3. Open the file in Detect It Easy to gather information about it --> the file is packed with ASPack ++ Haven't installed Detect It Easy yet? --> https://www.majorgeeks.com/ 4. Unpack the packed 10 file ++ Install VMUnpacker 5. Open the unpacked 10 file in Immunity Debugger --> the OEP is 00445834 ++ OEP(.. 2023. 10. 3.
[Reverse Engineering] CodeEngn Basic RCE L09 WriteUp CodeEngn Basic RCE L09 WriteUp 1. Review the challenge and download the file 2. Extract the archive with 7-Zip File Manager --> find the application inside the 09 file 3. Open the file in Detect It Easy to gather information about it --> the file is packed with UPX ++ Haven't installed Detect It Easy yet? --> https://www.majorgeeks.com/ 4. Unpack the packed 09 file ++ Unpacking a UPX-packed file --> https://alim11.tistory.com/456 [UPX Un/Packer] UPX .. 2023. 10. 2.
[Reverse Engineering] CodeEngn Basic RCE L06 WriteUp 📞 CodeEngn Basic RCE L06 WriteUp 1. Review the challenge and download the file ++ What is the OEP (Original Entry Point)? OEP stands for "Original Entry Point" and mainly refers to the original execution point within packed malicious code or compressed code. Packing is a technique that compresses an executable in order to hide malicious code and evade detection, and in that case the executable may not follow the normal execution flow. Here the OEP helps security analysts and reverse engineers analyze and understand the behavior of the malicious code, and can help in analyzing its actual functionality and developing ways to respond to it. 2. Extract the archive with Bandizip --> inside the 06 file .. 2023. 9. 29.