Re: buffer overflows

[ArcSighter Elite <arcsighter () gmail com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sanjay R wrote:
> Hi,
> as suggested by Fuggiano, by default, gcc has stack protection
> (StackShield). so, if you got the error similar to
> **** Stack Smashing detected****.. try to disable it by
> gcc --no-stack-protector -o vuln vuln.c
>  Please let us also know if still you are not able to run the
> examples, so that we will also be aware of this.
> -sanjay
>
> On Fri, Jan 9, 2009 at 5:17 PM, kalgecin <kalgecin () gmail com> wrote:
> > All i did was disable the va randromization by running
> > "echo 0 > /proc/sys/kernel/randomize_va_space"
> > The inbuilt gcc protection and other means of protection were enabled.
> >
> > On 1/9/09, Giuseppe Fuggiano <giuseppe.fuggiano () gmail com> wrote:
> > > 2009/1/8 kalgecin <kalgecin () gmail com>:
> > > > after reading many papers on the subject only to be disappointed to
> > > > find out that the examples don't work, i decided to write my own
> > > > please read it at <kalgecin.b0x.com>.
> > > > i need all the comments that you can offer either positive or negative.
> > > Did you disable the stack protector compiling that examples?
> > >
> > > --
> > > Giuseppe Fuggiano
As said linux enable ASLR and StackProtection by default, you need to
disable such protections in order to successfully follow any example.
Secondly, you need to enumerate in order to find some custom kernel
patches that may be installed in your system.

Sincerely.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFJa0dMH+KgkfcIQ8cRAmd2AJwJ0gBVhIlBHWtfaAqLay4ZabNojgCfcPaj
LXHydwALoeHkg/PALvKrvgU=
=9VRl
-----END PGP SIGNATURE-----