[framework] Problem in writing exploits
Cristiano de Nunno
glorfind3l at gmail.com
Wed Oct 11 10:00:08 CDT 2006
> Sounds like you are running into one of the security features in the Linux
> kernel (I am assuming Linux). Google for exec-shield for an idea. Usually
> these features are fairly easy to turn off. For example exec-shield is:
>
> echo "0" > /proc/sys/kernel/exec-shield
> echo "0" > /proc/sys/kernel/exec-shield-randomize
>
> However all of this is way beyond the list charter. I'd recommend a couple
> of books, such as "Gray Hat Hacking", "Hacking: The Art of Exploitation",
> and "The Shellcoder's Handbook".
>
> -SN
I'm running Ubuntu Dapper, and I followed your advice using
echo "0" > /proc/sys/kernel/randomize_va_space
to disable stack randomization.
Now if I check with gdb the esp reg value is always the same, but when I
attempt to exploit the program with metasploit I get "Read: bad address"
error and payloads don't work.
What can I do?
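The thread turns on two different knobs: the exec-shield sysctls exist only on kernels carrying Red Hat's exec-shield patch, while Ubuntu's kernel exposes randomize_va_space instead. The following audit script is an added example (not from the original thread) that reports, from a hardening point of view, whether these settings are at their protective values or have been weakened; the expected values and the `procfs` parameter are assumptions for the example.

```python
from pathlib import Path

# Protective values for the sysctls discussed in the thread (assumption:
# 2 = full randomization for randomize_va_space; 1 = enabled for exec-shield).
EXPECTED = {
    "kernel.randomize_va_space": "2",
    "kernel.exec-shield": "1",
    "kernel.exec-shield-randomize": "1",
}


def read_sysctls(procfs="/proc/sys"):
    """Read each expected sysctl from procfs; None marks a key this kernel lacks."""
    values = {}
    for key in EXPECTED:
        path = Path(procfs, *key.split("."))
        values[key] = path.read_text().strip() if path.exists() else None
    return values


def audit(values):
    """Return (key, observed, verdict) for every setting that is weakened or absent.

    An empty list means every expected setting is present at its protective value.
    Keys absent from `values` are treated as not exposed by the kernel, which is the
    situation the thread describes for exec-shield on Ubuntu.
    """
    findings = []
    for key, want in EXPECTED.items():
        got = values.get(key)
        if got is None:
            findings.append((key, "absent", "not exposed by this kernel"))
        elif got != want:
            findings.append((key, got, f"weakened (expected {want})"))
    return findings


if __name__ == "__main__":
    for key, got, verdict in audit(read_sysctls()) or [("all settings", "ok", "protective")]:
        print(f"{key}: {got} ({verdict})")
```

Running it on the author's Dapper box after `echo "0" > /proc/sys/kernel/randomize_va_space` would flag randomize_va_space as weakened and both exec-shield keys as absent.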