{"html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fkernhack.hatenablog.com%2Fentry%2F2016%2F11%2F24%2F235551\" title=\"format string attack\u3081\u3082 - \u03c6(\u30fb\u30fb*)\u309e \uff73\uff70\uff9d\u3000\u30ab\u30fc\u30cd\u30eb\u3068\u304b\u5f04\u3063\u305f\u308a\u306e\u30e1\u30e2\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","author_name":"masami256","provider_name":"Hatena Blog","url":"https://kernhack.hatenablog.com/entry/2016/11/24/235551","categories":["exploit"],"width":"100%","blog_title":"\u03c6(\u30fb\u30fb*)\u309e \uff73\uff70\uff9d\u3000\u30ab\u30fc\u30cd\u30eb\u3068\u304b\u5f04\u3063\u305f\u308a\u306e\u30e1\u30e2","image_url":"https://cdn-ak.f.st-hatena.com/images/fotolife/m/masami256/20161124/20161124233630.png","published":"2016-11-24 23:55:51","blog_url":"https://kernhack.hatenablog.com/","title":"format string attack\u3081\u3082","description":"\u6700\u8fd1CTF\u3068\u304b\u8208\u5473\u51fa\u3066\u304d\u305f\u306e\u3067\u8272\u3005\u3068\u904a\u3093\u3067\u307e\u3059\u3002 \u4eca\u56de\u306fOverTheWire: Narnia\u306e\u30ec\u30d9\u30eb7\u306e\u554f\u984c(narnia7.c)\u3092\u5143\u306bformat string attack\u306e\u30e1\u30e2\u3067\u3059\u3002 narnia7\u306e\u8106\u5f31\u6027\u306e\u3042\u308b\u95a2\u6570\u306f\u3053\u308c\u3067\u3059\u3002format\u306fmain\u95a2\u6570\u306b\u304a\u3044\u3066\u306fargv[1]\u3067\u53c2\u7167\u3055\u308c\u3066\u3044\u305f\u3082\u306e\u3067\u3001\u30e6\u30fc\u30b6\u30fc\u304b\u3089\u306e\u5165\u529b\u304c\u305d\u306e\u307e\u307esnprintf(3)\u306b\u6e21\u308a\u307e\u3059\u3002 int vuln(const char *format){ char buffer[128]; int (*ptrf)(); memset(buffer, 0, sizeof(buffer)); printf(\"goodfun\u2026","author_url":"https://blog.hatena.ne.jp/masami256/","type":"rich","version":"1.0","provider_url":"https://hatena.blog","height":"190"}