Xcross87 0 Report post Posted August 14, 2009 (edited) Hi Mandri-ers, I'm currently studying security under Linux. However, it doesn't seem to work for me in Mandriva. The source: (of source, 100% buffer overflow) #include <stdio.h> #include <string.h> int main( int argc, char *argv[] ) { char buffer[100]; strcpy( buffer, argv[1] ); return 0; } I've Googled and did all these: 1. Disable GCC Stack Protector (-fno-stack-protector) 2. Disable source check (-D_FORTIFY_SOURCE=0) 3. Disable ASLR (kernel.randomize_va_space=0) 4*. Enable GNU_STACK ELF Markings (-z exestack) I've done 1,2,3, including 4 in final compiling command: $ gcc -fno-stack-protector -z exestack -D_FORTIFY_SOURCE=0 -o overflow overflow.c && readelf -l overflow | grep -i stack GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x4 Guess what? It still doesn't work out. EIP is not overwritten... As you can see above, the ./overflow still can't execute stack even I specify option "-z exestack" (RWE), it still gives the final binary (RW) instead. My system info: Mandriva Linux 2009.1 Linux localhost 2.6.29.6-desktop-1mnb #1 SMP Sun Jul 5 19:57:54 EDT 2009 i686 Intel(R) Core(TM)2 CPU T7200 @ 2.00GHz GNU/Linux Anyone know how can I setup the environment for this? I really need helps right now. Best regards, Edited August 14, 2009 by Xcross87 Quote Share this post Link to post Share on other sites
