Donnerstag, 24. März 2011

HACKING: disable security

for testing some security stuff aka buffer overflows, you must disable security such as address randomization and stack execuation deactivation.

simple as root do:

echo "0" > /proc/sys/kernel/randomize_va_space
echo "0" > /proc/sys/kernel/exec-shield
echo "0" > /proc/sys/kernel/exec-shield-randomize

next you must compile the application without stack execution dissable and stack protection for example. example for a gcc compilation flags (that help me to learn hacking):

gcc -m32 -w -fno-pie -z norelro -fno-stack-protector -ggdb -z execstack -o myprog myprog.c

see my last article (the same stuff, but older)

have fun

Keine Kommentare:

Kommentar veröffentlichen