Metasploit mailing list archives
Problem in writing exploits
From: glorfind3l at gmail.com (Cristiano de Nunno)
Date: Wed, 11 Oct 2006 17:00:08 +0200
Sounds like you are running into one of the security features in the Linux kernel (I am assuming Linux). Google for exec-shield for an idea. Usually these features are fairly easy to turn off. For example exec-shield is:

echo "0" > /proc/sys/kernel/exec-shield
echo "0" > /proc/sys/kernel/exec-shield-randomize

However all of this is way beyond the list charter. I'd recommend a couple of books, such as "Gray Hat Hacking", "Hacking: The Art of Exploitation", and "The Shellcoder's Handbook".

-SN

I'm running Ubuntu Dapper, and I followed your advice using

echo "0" > /proc/sys/kernel/randomize_va_space

to disable stack randomization. Now if I check with gdb the esp reg value is always the same, but when I attempt to exploit the program with Metasploit I get a "Read: bad address" error and payloads don't work. What can I do?