Re: Linux Security

From: dude84 (dhughes594_at_earthlink.net)
Date: 02/18/05


Date: Fri, 18 Feb 2005 11:27:14 GMT


E. Charters wrote:
> did you terminate the string you stacked with a newline character?
> --> "\n" ??
   Yes I did terminate the string with a \n character.
   I created a string variable and pushed the variable onto the stack.
   Here is a copy of the code:
   File: message2.s
   gcc2_compiled:
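    .data                       # the string constant lives in the data section
    .LCO:
         .string "Hello World\n"
    .text                       # code belongs in the text section
     .global main
             .type main,@function
     main:
        pushl $.LCO             # push the string's address as printf's argument
        call printf
        addl $0x4,%esp          # remove the 4-byte argument from the stack
        call exit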
     This program functions when run from a prompt. This program is
strictly assembler.

>
> otherwise the standard C function printf will fail when you pass it the
> address of the stack, which is what I presume you passed it.
>
> The other problem is that stdio.h was not known to be included in your
> routine. How do you include it, such that the function knows where to
> send the io?
   I actually added one printf to the main program to try and make the
function available to the assembler. It didn't change anything.
>
> C may be low level and all, but mixing it with assembler may be fraught
> with problemos.

     When I take this code and pass it into a stack based buffer
overflow, the hex code from it does not run. The program produces
strange results. Can anyone explain to me why this hex code would not
work in a buffer overflow, and what I need to do in order to be able to
do something simple like a printf from within the buffer of a buffer
overflow (keep in mind there cannot be any \x00's in the machine code)?

>
>
> EC<:-}
>
> dude84 wrote:
>
>> Hi,
>>
>> I need assistance with learning how to write assembler code (custom)
>> that will work with computer security related issues like a stack
>> based buffer overflow. Can anyone point me in the direction of a
>> newsgroup that could help me with this?
>> I've written a piece of assembler that calls the printf function,
>> and when I pass it into the buffer on my machine it does nothing and
>> segmentation faults. I'm using gas with gcc. I push the string onto
>> the stack, call the function, add the memory space back to the stack,
>> and call the function to exit the program. I need someone's help to
>> explain why the hex code from this program does nothing.
>>
>>
>


