Wednesday, March 9, 2011

Creating a vulnerable Linux environment

Hello all, in this post we will discuss how to create a vulnerable Linux environment, so that we can run our buffer overflow code without wasting much time fighting the default mitigations.
Note: Here we are using gcc 4.4.1 compiler on Ubuntu 9.10
  • First of all we have to disable SELinux, if it is present on your system. On Red Hat style distributions this is done by editing /etc/sysconfig/selinux, changing SELINUX=enforcing (or SELINUX=permissive) to SELINUX=disabled, and rebooting. Note that Ubuntu does not ship SELinux by default (it uses AppArmor instead), so on a stock Ubuntu 9.10 install there is nothing to change here. We disable it because SELinux enforces mandatory access control policies on the OS, under which user programs are not given privileges beyond a certain extent.
  • Next we have to turn off address space layout randomization (randomize_va_space). An exploit has to know where the stack and its shellcode will be when the vulnerable program runs; if the kernel randomizes the address space of every new process, those addresses change on each run and the system becomes much more resistant to this kind of attack. To turn it off, issue this command in a terminal: sudo sysctl -w kernel.randomize_va_space=0. You can confirm it with cat /proc/sys/kernel/randomize_va_space (it should print 0). The setting does not survive a reboot; to make it permanent add the line kernel.randomize_va_space = 0 to /etc/sysctl.conf. If you would rather leave ASLR on system-wide, setarch $(uname -m) -R ./vulnerable disables it for a single program run.
  • Next we have to disable the stack smashing protector (the stack canary, which Ubuntu's gcc turns on by default) by passing -fno-stack-protector while compiling the C code. If your overflowed program aborts with "*** stack smashing detected ***" instead of crashing, the flag was not applied.
  • Next we have to disable executable space protection. "Executable space protection" is the marking of memory regions (here, the stack) as non-executable, so that an attempt to execute machine code in those regions raises an exception and the process is killed instead of running the shellcode. To disable it for our binary, pass -z execstack while compiling; gcc forwards it to the linker, which marks the program's GNU_STACK segment as executable. You can check the result with readelf -lW vulnerable | grep GNU_STACK, which should show RWE rather than RW.
  • So the C code is compiled as: gcc -fno-stack-protector -z execstack vulnerable.c -o vulnerable
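To tie the steps together, here is a vulnerable.c to compile with the command above. It is an added example written for this post, not the blog author's code. Besides the classic strcpy() overflow target, it reports at run time the two things the compile line cannot tell you: the current randomize_va_space value and whether its own [stack] mapping is executable, parsed from /proc/self/maps. Two constructed maps excerpts (not captured from a real machine) are included so the parser can be exercised without root; the 64-byte buffer size and the /proc paths are the example's own choices.

```c
/* vulnerable.c: a strcpy() overflow target plus a self-check that the
 * mitigations discussed above are really off.  Added example, not code
 * from the original post.  Build it exactly as the post says:
 *
 *   gcc -fno-stack-protector -z execstack vulnerable.c -o vulnerable
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample /proc/<pid>/maps excerpts (not captured from a real
 * system), used to exercise the parser below. */
static const char SAMPLE_MAPS_EXECSTACK[] =
    "08048000-08049000 r-xp 00000000 08:01 1234   /home/user/vulnerable\n"
    "bffeb000-c0000000 rwxp 00000000 00:00 0      [stack]\n";
static const char SAMPLE_MAPS_NX[] =
    "08048000-08049000 r-xp 00000000 08:01 1234   /home/user/vulnerable\n"
    "bffeb000-c0000000 rw-p 00000000 00:00 0      [stack]\n";

/* Current ASLR level from /proc/sys/kernel/randomize_va_space:
 * 0 = off, 1 = stack/mmap/vdso randomized, 2 = also brk; -1 if unreadable. */
int aslr_setting(void)
{
    FILE *f = fopen("/proc/sys/kernel/randomize_va_space", "r");
    int v = -1;
    if (f) {
        if (fscanf(f, "%d", &v) != 1)
            v = -1;
        fclose(f);
    }
    return v;
}

/* Given the text of a maps file, return 1 if the [stack] mapping carries
 * the 'x' bit (what -z execstack gives you), 0 if it is rw-p (NX is in
 * effect), -1 if no [stack] line is present.
 * Line format: "start-end perms offset dev inode path". */
int stack_executable(const char *maps)
{
    const char *tag = strstr(maps, "[stack]");
    if (!tag)
        return -1;
    const char *line = tag;
    while (line > maps && line[-1] != '\n')   /* rewind to line start */
        line--;
    const char *perms = strchr(line, ' ');    /* perms follow the range */
    if (!perms || perms > tag)
        return -1;
    perms++;                                  /* now at "rwxp" / "rw-p" */
    return perms[2] == 'x';
}

/* Same check on this process's own stack. */
int stack_executable_live(void)
{
    FILE *f = fopen("/proc/self/maps", "r");
    if (!f)
        return -1;
    char *buf = malloc(65536);
    if (!buf) {
        fclose(f);
        return -1;
    }
    size_t n = fread(buf, 1, 65535, f);
    fclose(f);
    buf[n] = '\0';
    int r = stack_executable(buf);
    free(buf);
    return r;
}

/* The overflow target.  strcpy() has no bound, so an input longer than
 * 63 bytes runs past buf into the saved frame pointer and return address.
 * It prints buf's address first: with ASLR off it is identical on every run. */
size_t vulnerable(const char *input)
{
    char buf[64];
    printf("buf @ %p\n", (void *)buf);
    strcpy(buf, input);
    return strlen(buf);
}

int main(int argc, char **argv)
{
    if (argc != 2) {
        fprintf(stderr, "usage: %s <input>\n", argv[0]);
        return 1;
    }
    printf("randomize_va_space = %d (want 0)\n", aslr_setting());
    int x = stack_executable_live();
    printf("stack executable  = %s\n",
           x == 1 ? "yes" : x == 0 ? "no (missing -z execstack?)" : "unknown");
    /* If this aborts with "*** stack smashing detected ***", the binary
     * was built without -fno-stack-protector. */
    vulnerable(argv[1]);
    return 0;
}
```

Build it as shown and run it twice with a short argument: the "buf @" address should be the same both times when ASLR is off, and "stack executable" should say yes. Then ./vulnerable $(perl -e 'print "A"x100') should segfault rather than abort with the stack-smashing message, which is the state you want before moving on to shellcode.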
