2015. 8. 19. 10:13

세미나용으로 만든 UAF 예제코드 



#include <iostream>

#include <stdlib.h>

#include <string.h>

#include <stdio.h>


using namespace std;

class B

{

public:

char *v1 = NULL;

virtual void foo(int a)

{

cout << "B Foo Call" << a << endl;

}

};


class D : public B

{

public:

char *buff;

void foo(int a)

{

cout << "D Foo Call " << a << endl;

}

};


class E

{

public:

char buff[24]="";

void test(int a){

cout << "E->TEST "<<endl;

}

void copy(char *v2){

memcpy(buff,v2,20);

}


};

int foo3(){

cout << "This is UNUSING FOO " <<endl;

return 0;

}

int (*funcAddr)() = foo3;

int main(int argc, char *argv[]){


char * test;

B *d,*b;

E *e;


printf("-------------------------------\n");

printf("[PRINT] UNUSING FOO function addr %x \n",&funcAddr);

printf("-------------------------------\n");

d = new D;

delete d;


e = new E;

e->copy(argv[1]);


printf("d->foo(9) call \n");

d->foo(9);





return 0;

}



Posted by k1rha