{"published":"2026-03-19 00:23:52","provider_name":"Hatena Blog","url":"https://www.sdsg.moe/entry/2026/03/19/002352","title":"Buffer Overflow \u5b9f\u8df5\u30ce\u30fc\u30c8","blog_title":"Slapdash Safeguards","provider_url":"https://hatena.blog","html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fwww.sdsg.moe%2Fentry%2F2026%2F03%2F19%2F002352\" title=\"Buffer Overflow \u5b9f\u8df5\u30ce\u30fc\u30c8 - Slapdash Safeguards\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","author_url":"https://blog.hatena.ne.jp/scento/","image_url":null,"version":"1.0","author_name":"scento","height":"190","width":"100%","categories":["by scento","\u5b9f\u8df5"],"type":"rich","blog_url":"https://www.sdsg.moe/","description":"\u524d\u63d0\u77e5\u8b58\uff1a\u30aa\u30fc\u30d0\u30fc\u30d5\u30ed\u30fc\u6642\u306b\u30e1\u30e2\u30ea\u3067\u4f55\u304c\u8d77\u304d\u308b\u304b Step 1\uff1aEIP \u306e\u30aa\u30d5\u30bb\u30c3\u30c8\u3092\u7279\u5b9a\u3059\u308b \u30c6\u30b9\u30c8\u6587\u5b57\u5217\u3092\u751f\u6210\u3059\u308b pattern \u3092\u9001\u4fe1\u3057\u3066\u30af\u30e9\u30c3\u30b7\u30e5\u3092\u89b3\u5bdf\u3059\u308b \u30aa\u30d5\u30bb\u30c3\u30c8\u3092\u8a08\u7b97\u3059\u308b \u30aa\u30d5\u30bb\u30c3\u30c8\u3092\u691c\u8a3c\u3059\u308b Step 2\uff1aBad Characters \u3092\u7279\u5b9a\u3059\u308b \u5b8c\u5168\u306a\u30d0\u30a4\u30c8\u5217\u3092\u751f\u6210\u3059\u308b \u9001\u4fe1\u3057\u3066\u5206\u6790\u3059\u308b Step 3\uff1amona.py \u3067\u30ea\u30bf\u30fc\u30f3\u30a2\u30c9\u30ec\u30b9\u3092\u63a2\u3059 mona.py \u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb \u30e2\u30b8\u30e5\u30fc\u30eb\u306e\u4fdd\u8b77\u72b6\u614b\u3092\u78ba\u8a8d\u3059\u308b bytearray \u3092\u751f\u6210\u3057\u3066 bad chars \u3092\u6bd4\u8f03\u3059\u308b JMP ESP \u306e\u30a2\u30c9\u30ec\u30b9\u3092\u63a2\u3059 Step 4\uff1aShellcode \u3092\u751f\u6210\u3059\u308b Step 5\uff1aPaylo\u2026"}