| View previous topic :: View next topic |
| Author |
Message |
Leman
n00b
Joined: 24 Jan 2008
Posts: 3
|
 Posted: Thu Jan 24, 2008 12:12 pm Post subject: Has Gentoo 2007.0 a non-executable stack by default? |
 |
|
Hello,
I'm reading a book about buffer overflows and I'm trying a piece of software that executes code in the stack. It gives me a segmentation fault when executed. I have debugged it and I have seen problems after the execution flow jumps to the shellcode placed in the heap. I would like to know if Gentoo implements a non-executable stack by default and how to uninstall or disable it.
I have search the net and I have found info about exec-shield and PaX. I have not installed anything like PaX and /proc/sys/kernel/exec-shield does not exist. I have tried to echo a 0 into /proc/sys/kernel/exec-shield just in case but I can't. It says that the file does not exist and I can't create it even as root. |
|
| Back to top |
|
 |
Sadako
Advocate
Joined: 05 Aug 2004
Posts: 3792
Location: sleeping in the bathtub
|
|
| Back to top |
|
|
Leman
n00b
Joined: 24 Jan 2008
Posts: 3
|
| Posted: Thu Jan 24, 2008 2:26 pm Post subject: |
|
|
| Hopeless wrote: | | Hardened Gentoo is what you want, which includes pax/ssp amongst other security hardening features. |
No. What I want is to disable this protection. I want an executable stack because I want to study how buffer overflows and exploits in general are programmed. |
|
| Back to top |
|
|
Suicidal
l33t
Joined: 30 Jul 2003
Posts: 959
Location: /dev/null
|
|
| Back to top |
|
|
Leman
n00b
Joined: 24 Jan 2008
Posts: 3
|
| Posted: Thu Jan 24, 2008 4:25 pm Post subject: |
|
|
| Suicidal wrote: | | Do you have No Execute enabled on your processor in the bios? |
I will check that, thanks.
| Suicidal wrote: |
If you really want to play with buffer overflows why not install something like redhat 6 in a VM?
|
Yes. I have just downloaded Centos and I have already installed VMWare on my machine but I would like to solve this problem to know why this is happening. |
|
| Back to top |
|
|
Suicidal
l33t
Joined: 30 Jul 2003
Posts: 959
Location: /dev/null
|
| Posted: Thu Jan 24, 2008 4:33 pm Post subject: |
|
|
| Leman wrote: | | Suicidal wrote: | | Do you have No Execute enabled on your processor in the bios? |
I will check that, thanks.
| Suicidal wrote: |
If you really want to play with buffer overflows why not install something like redhat 6 in a VM?
|
Yes. I have just downloaded Centos and I have already installed VMWare on my machine but I would like to solve this problem to know why this is happening. |
CentOS isn't too old, and its compiler will be relatively modern; if you install something old like RH6 you can play with 7 years of known exploits.
I would at least tray an OS release that is at least a year older that the publication date on the book - Just to be safe. |
|
| Back to top |
|
|
jcat
Veteran
Joined: 26 May 2006
Posts: 1337
|
| Posted: Tue Feb 05, 2008 4:47 pm Post subject: |
|
|
| Suicidal wrote: | Do you have No Execute enabled on your processor in the bios?
|
Pardon my possible ignorance, but..
How would you be able to boot a system without being able to execute binaries!??
Cheers,
jcat |
|
| Back to top |
|
|
Sadako
Advocate
Joined: 05 Aug 2004
Posts: 3792
Location: sleeping in the bathtub
|
| Posted: Tue Feb 05, 2008 5:43 pm Post subject: |
|
|
| jcat wrote: | | Suicidal wrote: | Do you have No Execute enabled on your processor in the bios?
|
Pardon my possible ignorance, but..
How would you be able to boot a system without being able to execute binaries? |
What they are referring to is the NX bit, which ensures that no code is run from areas in memory that are only supposed to contain data rather than executable code.
Read the wikipedia article for a better explanation.
_________________
"You have to invite me in" |
|
| Back to top |
|
|
jcat
Veteran
Joined: 26 May 2006
Posts: 1337
|
| Posted: Tue Feb 05, 2008 5:45 pm Post subject: |
|
|
Thanks for the info 
Cheers,
jcat |
|
| Back to top |
|
|
|
Networking & Security
