
Problem carrying out a simple buffer overflow


http://forums.fedoraforum.org – Hi, I would like to start learning about the nuts and bolts concerning Linux security. I bought the "Gray Hat Hacking" book by Harris et al. and started working at their example for buffer overflows but hit a bump immediately. Is this the right place to be discussing this sort of thing? If so, I give pertinent info below:

Program:

    //overflow.c
    #include <string.h>
    int main(void) {
        char str1[10]; //declare a 10 byte string
        //next, copy 35 bytes of "A" to str1
        strcpy (str1, "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
    }

    gcc -ggdb -o overflow overflow.c
    ./overflow

resulted in the expected segmentation fault.

    gdb -q overflow --> run

resulted in:

    Starting program: /tmp/overflow
    Program received signal SIGSEGV, Segmentation fault.
    0x000000000040048f in main () at overflow.c:7
    7 }

I was expecting something like 0x41414141 instead, i.e. the hex for ASCII A is 0x41. Also

    (gdb) info reg eip

resulted in:

    Invalid register `eip'

The book suggested the following to disable Fedora's Address Space Layout Randomization:

    echo "0" > /proc/sys/kernel/randomize_va_space
    echo "0" > /proc/sys/kernel/exec-shield
    echo "0" > /proc/sys/kernel/exec-shield-randomize

The first two commands executed but the last resulted in:

    bash: /proc/sys/kernel/exec-shield-randomize: No such file or directory

Can anyone help me to understand what is going on? Many thanks in advance, M.
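An added example (not from the forum post or the book) that models the post's 10-byte buffer and 35-byte strcpy: it shows a bounded copy that reports how far the original copy would overrun, and a canonical-address check that explains why a 64-bit gdb session faults inside main at the ret instead of showing 0x41414141 (on x86_64 the instruction pointer is rip, not eip, and eight bytes of 'A' form a non-canonical address the CPU refuses to return to). The function names and the PAYLOAD constant are assumptions of this example.

```c
/* Added example, not the poster's or the book's code. It models the
 * overflow.c layout from the post: a 10-byte buffer and a 35-byte string. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Copy src into dst[dstsz], always NUL-terminating dst. Returns how many
 * bytes (including the NUL) did not fit, i.e. the amount strcpy() would have
 * written past the end of dst; 0 means the whole string fit. */
size_t bounded_copy(char *dst, size_t dstsz, const char *src)
{
    size_t needed = strlen(src) + 1;        /* payload plus terminating NUL */
    if (dstsz == 0)
        return needed;
    if (needed <= dstsz) {
        memcpy(dst, src, needed);
        return 0;
    }
    memcpy(dst, src, dstsz - 1);            /* truncate, keep room for NUL */
    dst[dstsz - 1] = '\0';
    return needed - dstsz;
}

/* x86_64 user/kernel addresses use 48 bits: bits 63..47 must all equal
 * bit 47. A ret to any other value raises a fault at the ret itself, which
 * is why gdb reports the crash inside main rather than at 0x41414141. */
int x86_64_canonical(uint64_t addr)
{
    uint64_t top = addr >> 47;              /* bits 63..47, 17 bits */
    return top == 0 || top == 0x1FFFF;
}

/* Constructed input mirroring the post: 35 'A' characters. */
static const char PAYLOAD[] = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";

int main(void)
{
    char str1[10];
    size_t excess = bounded_copy(str1, sizeof str1, PAYLOAD);
    printf("kept \"%s\"; strcpy would have overrun by %zu bytes\n",
           str1, excess);

    /* What eight overflowing 'A's leave in the saved return address slot. */
    uint64_t smashed_ret = 0x4141414141414141ULL;
    printf("0x%016llx canonical: %d\n",
           (unsigned long long)smashed_ret, x86_64_canonical(smashed_ret));
    return 0;
}
```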