Security Basics mailing list archives
Re: buffer overflows
From: ArcSighter Elite <arcsighter () gmail com>
Date: Mon, 12 Jan 2009 08:36:12 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sanjay R wrote:
Hi, as suggested by Fuggiano, by default, gcc has stack protection (StackShield). so, if you got the error similar to **** Stack Smashing detected****.. try to disable it by gcc --no-stack-protector -o vuln vuln.c Please let us also know if still you are not able to run the examples, so that we will also be aware of this. -sanjay On Fri, Jan 9, 2009 at 5:17 PM, kalgecin <kalgecin () gmail com> wrote:All i did was disable the va randromization by running "echo 0 > /proc/sys/kernel/randomize_va_space" The inbuilt gcc protection and other means of protection were enabled. On 1/9/09, Giuseppe Fuggiano <giuseppe.fuggiano () gmail com> wrote:2009/1/8 kalgecin <kalgecin () gmail com>:after reading many papers on the subject only to be disappointed to find out that the examples don't work, i decided to write my own please read it at <kalgecin.b0x.com>. i need all the comments that you can offer either positive or negative.Did you disable the stack protector compiling that examples? -- Giuseppe Fuggiano
As said linux enable ASLR and StackProtection by default, you need to disable such protections in order to successfully follow any example. Secondly, you need to enumerate in order to find some custom kernel patches that may be installed in your system. Sincerely. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFJa0dMH+KgkfcIQ8cRAmd2AJwJ0gBVhIlBHWtfaAqLay4ZabNojgCfcPaj LXHydwALoeHkg/PALvKrvgU= =9VRl -----END PGP SIGNATURE-----
Current thread:
- Re: buffer overflows Sanjay R (Jan 12)
- Re: buffer overflows ArcSighter Elite (Jan 12)
- Re: buffer overflows kalgecin (Jan 12)
- Re: buffer overflows ArcSighter Elite (Jan 12)