bon-jovi

  1. I have a question. I am trying to perform a ROP attack. My system is a 64-bit Kali Linux which is running on a virtual machine. During my research I found out that I am not able to overwrite the eip as long as "stack canary" is activated. The problem is that stack canary is only disabled when the file is compiled dynamically. When it is compiled dynamically, the problem is that there are not enough gadgets to use to perform a ROP attack. When I compile it with the -static option there are enough gadgets, but stack canary is activated. Now my question is whether there is any possibility to compile a file with the -static command and disable stack canary. I run this on a Linux kali 5.16.0-kali7-amd64 #1 SMP PREEMPT Debian 5.16.18-1kali1 (2022-04-01) x86_64 GNU/Linux. The command is: gcc -mpreferred-stack-boundary=2 -fno-stack-protector -std=c++11 -z execstack -no-pie -m32 -save-temps -static main.cpp -o main -lstdc++ Doing it like this does not deactivate the stack canary. Leaving out the "-static" command deactivates the stack canary and I have no idea why.
  2. Hello everybody, at the moment I am doing my safety and security master's and I am writing my master's thesis. For this thesis I have to perform a Return-Oriented Programming (ROP) attack. To do this I already set up a Kali Linux VM, wrote a simple C++ program which contains a buffer overflow, and examined everything using tools like ROPgadget, ropper, Ghidra and gdb. I also worked through a lot of different tutorials and so on. Unfortunately, none of these attempts have worked so far and I was not able to spawn a shell. I tried to turn off every possible security mechanism such as DEP, ASLR, Canary, ... but it still does not work. I want to ask if anybody has experience with performing a return-oriented programming or code reuse attack and could give me tricks and tips or suggest some tools I could use. It would really help me! Thank you very much and best regards, Bon-jovi