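```c
#include <stdio.h>
#include <stdlib.h>

int main(){
    char str[256];
    char *chare = (char*)malloc(100);   /* heap allocation, otherwise unused */

    printf("Input: ");
    gets(str);              /* unbounded read into the 256-byte stack buffer */
    printf("%p\n", str);    /* print the stack address of str */
}
```

```sh
gcc -z execstack -o DEP-disabled DEP.c
```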
Checksec.sh prints the following results.
DEP-disabled file: NX disabled
[DEP disabled / DEP enabled comparison: contents not preserved]
```sh
# check for NX support
if readelf -W -l $1 2>/dev/null | grep 'GNU_STACK' | grep -q 'RWE'; then
  echo -n -e '\033[31mNX disabled\033[m '
else
  echo -n -e '\033[32mNX enabled \033[m '
fi
```
```
lazenca0x0@ubuntu:~/Documents/Definition/protection$ readelf -W -l ./DEP-disabled |grep 'GNU_STACK'
GNU_STACK 0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RWE 0x10
lazenca0x0@ubuntu:~/Documents/Definition/protection$ readelf -W -l ./DEP-disabled |grep 'GNU_STACK' | grep 'RWE'
GNU_STACK 0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RWE 0x10
lazenca0x0@ubuntu:~/Documents/Definition/protection$
```

```
lazenca0x0@ubuntu:~/Documents/Definition/protection$ readelf -W -l ./DEP-enabled |grep 'GNU_STACK'
GNU_STACK 0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RW 0x10
lazenca0x0@ubuntu:~/Documents/Definition/protection$ readelf -W -l ./DEP-enabled |grep 'GNU_STACK' | grep 'RWE'
lazenca0x0@ubuntu:~/Documents/Definition/protection$
```
```sh
# fallback check for NX support
elif readelf -W -l $1/exe 2>/dev/null | grep 'GNU_STACK' | grep -q 'RWE'; then
  echo -n -e '\033[31mNX disabled\033[m '
else
  echo -n -e '\033[32mNX enabled \033[m '
fi
```
```
lazenca0x0@ubuntu:~/Documents/Definition/protection$ ps -ef|grep DEP
lazenca+ 6586 6369 0 20:22 pts/18 00:00:00 ./DEP-disabled
lazenca+ 6607 6173 0 20:23 pts/4 00:00:00 grep --color=auto DEP
lazenca0x0@ubuntu:~/Documents/Definition/protection$ readelf -W -l /proc/6586/exe |grep 'GNU_STACK'
GNU_STACK 0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RWE 0x10
lazenca0x0@ubuntu:~/Documents/Definition/protection$ readelf -W -l /proc/6586/exe |grep 'GNU_STACK' | grep 'RWE'
GNU_STACK 0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RWE 0x10
lazenca0x0@ubuntu:~/Documents/Definition/protection$
```
```sh
# check cpu nx flag
nxcheck() {
  if grep -q nx /proc/cpuinfo; then
    echo -n -e '\033[32mYes\033[m\n\n'
  else
    echo -n -e '\033[31mNo\033[m\n\n'
  fi
}
```
```
lazenca0x0@ubuntu:~/Documents/Definition/protection$ grep nx /proc/cpuinfo
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf eagerfpu pni pclmulqdq ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm epb fsgsbase tsc_adjust bmi1 avx2 smep bmi2 invpcid xsaveopt dtherm ida arat pln pts
lazenca0x0@ubuntu:~/Documents/Definition/protection$
```