The problem nowadays with learning buffer overflows is:
- the Linux kernel has protection (va_randomize, exec_shield, ...)
- the distribution has protection (AppArmor, SELinux, ...)
- gcc has protection (stack canary, ...)
That is good, because it protects us. But it is bad for learning.
To learn "buffer overflows" you must deactivate the protection.
Some tips:
To deactivate gcc protection, use these flags:
-fno-stack-protector
-fnomudflap
-D_FORTIFY_SOURCE=0
(FORTIFY_SOURCE only takes effect when compiling with optimization, so with -O0 there is nothing to switch off.)
For example:
gcc overflow.c -o overflow -fno-stack-protector
gcc -fno-stack-protector -z execstack -o bug bug.c
To deactivate kernel protection (as root; values written to /proc/sys do not survive a reboot):
echo "0" > /proc/sys/kernel/randomize_va_space
echo "0" > /proc/sys/kernel/exec-shield
echo "0" > /proc/sys/kernel/exec-shield-randomize
The exec-shield entries only exist on kernels that carry the Exec Shield patch (Red Hat / Fedora); on other distributions only randomize_va_space is available.
Info about execstack:
If you look at the program with objdump (objdump -x cmd), the STACK program header looks like this:
    STACK off 0x0000000000000000 vaddr 0x0000000000000000 paddr 0x0000000000000000 align 2**3
         filesz 0x0000000000000000 memsz 0x0000000000000000 flags rw-
The flags are rw-, without x: the stack is not executable!
You can make it executable with
gcc -fno-stack-protector -z execstack -o bug bug.c
If you want to learn heap or bss overflows, you must make those segments executable too.
    DYNAMIC off 0x0000000000000e40 vaddr 0x0000000000600e40 paddr 0x0000000000600e40 align 2**3
         filesz 0x00000000000001a0 memsz 0x00000000000001a0 flags rw-
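As an added example (not part of the original post), a small POSIX shell script that does the objdump check above mechanically: it parses the STACK program header for the x flag and looks for a __stack_chk_fail reference, which is what the stack protector leaves behind in the symbol table. The listings embedded in it are constructed samples, and audit_binary is an assumed wrapper name for running it against a real file.

```shell
#!/bin/sh
# Added example, not from the original post: read the `objdump -x` listing
# the post inspects by hand and report the two hardening properties it
# discusses (executable stack, stack canary).

# Reads `objdump -x` output on stdin; prints "executable" when the STACK
# program header carries an x flag, otherwise "non-executable".
stack_exec_from_objdump() {
    awk '
        $1 == "STACK" { in_stack = 1; next }
        # the flags sit on the line after the STACK line, e.g. "flags rw-"
        in_stack && $1 == "filesz" {
            if ($NF ~ /x/) print "executable"; else print "non-executable"
            exit
        }
    '
}

# Reads `objdump -x` output on stdin; a binary built with the stack
# protector references __stack_chk_fail in its symbol table.
canary_from_objdump() {
    if grep -q '__stack_chk_fail'; then
        echo "canary"
    else
        echo "no-canary"
    fi
}

# Convenience wrapper (assumed name) for a real file: audit_binary ./bug
audit_binary() {
    objdump -x "$1" | stack_exec_from_objdump
    objdump -x "$1" | canary_from_objdump
}

# Constructed sample: the STACK header as the post shows it (flags rw-),
# plus a symbol-table line as a canary-protected binary would have.
SAMPLE_DEFAULT='STACK off 0x0000000000000000 vaddr 0x0000000000000000 paddr 0x0000000000000000 align 2**3
     filesz 0x0000000000000000 memsz 0x0000000000000000 flags rw-
0000000000000000       F *UND*  0000000000000000              __stack_chk_fail@@GLIBC_2.4'
# Constructed sample: the same header after linking with -z execstack and
# compiling with -fno-stack-protector (no canary symbol).
SAMPLE_LEARN='STACK off 0x0000000000000000 vaddr 0x0000000000000000 paddr 0x0000000000000000 align 2**4
     filesz 0x0000000000000000 memsz 0x0000000000000000 flags rwx'

printf '%s\n' "$SAMPLE_DEFAULT" | stack_exec_from_objdump   # non-executable
printf '%s\n' "$SAMPLE_DEFAULT" | canary_from_objdump       # canary
printf '%s\n' "$SAMPLE_LEARN" | stack_exec_from_objdump     # executable
printf '%s\n' "$SAMPLE_LEARN" | canary_from_objdump         # no-canary
```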
Thursday, 23 September 2010
Wednesday, 15 September 2010
Run Linux in Windows
There is a possibility to run Linux in a Windows environment: no partition, no extra Linux on disk. You can install your Linux in the Windows partition (NTFS, FAT?) and start it while Windows is running. No more rebooting. OK, I virtually don't need it, because I only use Linux (I don't have any Windows).
But here are the links: andLinux
andLinux is based on coLinux.
coLinux, Ulteo Desktop