Vulnerability Development mailing list archives
Re: solaris gdb screen mayhem
From: ant () notatla demon co uk (Antonomasia)
Date: Mon, 3 Sep 2001 20:16:38 +0100 (BST)
From: corecode <corecode () corecode ath cx>
Subject: Re: solaris gdb screen mayhem
Cc: vuln-dev () securityfocus com
I've been attempting a white-hat "exploit" to run some demo code on the stack on Solaris. The aim is to show whether the non-executable stack is in force (and the /etc/system file may not be a reliable guide to this if modified since last boot or something).
I am using a suggestion I got off-list. Thanks for all responses.
Apart from your gdb mayhem, why not check the status of the "noexec_user_stack" flag by querying the running kernel? This requires root privs, but is definitely easier than exploiting a buffer overflow.

    # mdb -k ( or adb if Solaris 7 or below )
    Loading modules: [ unix krtld genunix ufs_log ip nfs random ipc lofs ptm logindmux ]
    noexec_user_stack/X
    noexec_user_stack:
    noexec_user_stack: 0
--
##############################################################
# Antonomasia   ant notatla.demon.co.uk                      #
# See http://www.notatla.demon.co.uk/                        #
##############################################################
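The check suggested in this message can be scripted so that the boot-time setting in /etc/system is compared with the value read from the running kernel, which catches the case where the file was edited after the last boot. This is an added example, not part of the original post; the function names are hypothetical, and it assumes that a later `set` line overrides an earlier one and that an absent setting corresponds to a running value of 0.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
# Typical use on Solaris 8 or later, as root:
#   compare_noexec /etc/system "$(echo 'noexec_user_stack/X' | mdb -k)"

# Print the last value assigned to noexec_user_stack in an /etc/system-style
# file, or "unset". Lines starting with "*" are comments in that file.
# Assumption: a later "set" line overrides an earlier one.
configured_value() {
    awk '
        /^[ \t]*\*/ { next }
        $1 == "set" {
            line = $0
            sub(/^[ \t]*set[ \t]+/, "", line)
            gsub(/[ \t]/, "", line)
            # Exact name match, so noexec_user_stack_log is not picked up.
            if (split(line, kv, "=") == 2 && kv[1] == "noexec_user_stack") {
                val = kv[2]
                sub(/^0[xX]/, "", val)   # mdb /X prints hex without a prefix
            }
        }
        END { print (val == "" ? "unset" : val) }
    ' "$1"
}

# Read mdb output on stdin and print the kernel's value, or "unknown".
# The symbol name appears once alone as a label, then again with the value.
running_value() {
    awk '
        $1 == "noexec_user_stack:" && NF >= 2 { v = $NF; exit }
        END { print (v == "" ? "unknown" : v) }
    '
}

# $1 = path to /etc/system, $2 = captured mdb output.
# Returns 0 on match, 1 on mismatch, 2 if the kernel value was not found.
compare_noexec() {
    cfg=$(configured_value "$1")
    run=$(printf '%s\n' "$2" | running_value)
    if [ "$run" = "unknown" ]; then
        echo "running=unknown configured=$cfg"; return 2
    fi
    # Assumption: with no setting in the file, the kernel value is 0.
    if [ "$cfg" = "$run" ] || { [ "$cfg" = "unset" ] && [ "$run" = "0" ]; }; then
        echo "match configured=$cfg running=$run"
    else
        echo "MISMATCH configured=$cfg running=$run"; return 1
    fi
}
```

A mismatch means the file no longer describes the running kernel, so the mdb value is the one to trust until the next reboot.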