c - Do anyone konow why I get SIGSEGV, segmentation fault by execution 0x90 -


i segmentation fault error executing 0x90 why cold happen ??

this c code :

#include<stdio.h> #include<string.h> #include<unistd.h> #include<stdlib.h> #include<stdint.h> char * buffer;   int64_t * startptr; int64_t * endptr; int64_t * exploitaddress;  int test() {      printf("test\n");     return 0; }  void main(int argc, char ** argv) {     char buffer[512];     startptr = (int64_t *) &test;     printf("funcptr : \n %p\n", startptr);     printf("bufferptr : \n %p\n", buffer);     strcpy(buffer, argv[1]);     printf("string : \n%s\n", buffer);  }

this doing in gdb :

(gdb) run `python -c 'print "\x90" * (256+8) + "\x90"*(256) + "\x30\xd8\xff\xff\xff\x7f\x00\x00"'` starting program: /home/nikolaij/schreibtisch/bufferoverflow/opengl `python -c 'print "\x90" * (256+8) + "\x90"*(256) + "\x30\xd8\xff\xff\xff\x7f\x00\x00"'` funcptr :   0x4005b6 bufferptr :   0x7fffffffd800 string :  ����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������0����  program received signal sigsegv, segmentation fault. 0x00007fffffffd830 in ?? () (gdb) info reg rax            0x219    537 rbx            0x0  0 rcx            0x7ffffde7   2147483111 rdx            0x7ffff7dd3780   140737351858048 rsi            0x1  1 rdi            0x1  1 rbp            0x9090909090909090   0x9090909090909090 rsp            0x7fffffffda10   0x7fffffffda10 r8             0x0  0 r9             0x219    537 r10            0x20e    526 r11            0x246    582 r12            0x4004c0 4195520 r13            0x7fffffffdae0   140737488345824 r14            0x0  0 r15            0x0  0 rip            0x7fffffffd830   0x7fffffffd830 eflags         0x10206  [ pf if rf ] cs             0x33 51 ---type <return> continue, or q <return> quit--- ss             0x2b 43 ds             0x0  0 es             0x0  0 fs             0x0  0 gs             0x0  0 (gdb) x /64xb 0x00007fffffffd830 0x7fffffffd830: 0x90    0x90    0x90    0x90    0x90    0x90    0x90    0x90 0x7fffffffd838: 0x90    0x90    0x90    0x90    0x90    0x90    0x90    0x90 0x7fffffffd840: 0x90    0x90    0x90    0x90    0x90    0x90    0x90    0x90 0x7fffffffd848: 0x90    0x90    0x90    0x90    0x90    0x90    0x90    0x90 0x7fffffffd850: 0x90    0x90    0x90    0x90    0x90    0x90    0x90    0x90 0x7fffffffd858: 0x90    0x90    0x90    0x90    0x90    0x90    0x90    0x90 0x7fffffffd860: 0x90    0x90    0x90    0x90    0x90    0x90    0x90    0x90 0x7fffffffd868: 0x90    0x90    0x90    0x90    0x90    0x90    0x90    0x90 (gdb)

notice :

0x7fffffffd830: 0x90 rip            0x7fffffffd830   0x7fffffffd830

compiling :

gcc test.c -fno-stack-protector -o opengl

the program name "opengl" has nothing program. it's older programm.

thanks help.

you need build -wl,-z,execstack.

most modern systems protect against putting executable code on stack, in order protect against stack overflow attack trying implement.

documentation.


Comments

Post a Comment

Popular posts from this blog

Command prompt result in label. Python 2.7 -

i want put result(output) of shell command label. command works, label shows "0", however, in command prompt, result shown correctly, need showed in label. doing ubuntu. myg1 = button(root, text="rodyti informacija", command=lambda: gauti()) myg1.pack(side=bottom) def gauti(): imti = tekstas.get("1.0", "end-1c") info = subprocess.call("id '{imti}' ".format(imti=imti), shell=true) w = label(root, text= info) w.pack(side = bottom) subprocess.call() returns exit code of process created (in case 0 success). if want text output of process, should instead call subprocess.check_output() .
Read more

javascript - How do I use URL parameters to change link href on page? -

i change href value of link using url parameters. example: default <a id="dlink" href="link-1">link</a> but, when user goes https://url.com/?dlink=link-2 it swaps out link new link <a id="dlink" href="link-2">link</a> first need value url. if you're not using javascript framework can create function using jquery. please check get url parameter jquery or how query string values in js it. after that, element "a" id , set value there. $("#dlink").attr("href", hreffromparam);
Read more

amazon web services - AWS Route53 Trying To Get Site To Resolve To www -

so have domain nameservers pointed aws route 53. site hosted on ec2 instance , reachable resolves site.com, if input www.site.com. i'm curious how site resolve www.site.com. have under route53 domains hosted zone 2 additional record sets outside of ns , soa: a site.com ec2 elastic ip cname www.site.com ec2 public dns i can reach site using both site.com , www.site.com, resolve site.com. there way make if enter either, resolves www.site.com? at first, both should record set. a site.com ec2 elastic ip www.site.com ec2 elastic ip and need redirect setting in web server (nginx, apache, ..) following. (source: how redirect www non-www nginx on centos 7 ) redirect non-www www if want redirect users plain, non-www domain www domain, add server block: server { server_name example.com; return 301 $scheme://www.example.com$request_uri; } save , exit. configures nginx redirect requests "example.com" "www.example.com". not
Read more