- Code: Select all
const int main[] = {
-443987883, 440, 113408, -1922629632,
4149, 899584, 84869120, 15544,
266023168, 1818576901, 1461743468, 1684828783,
-1017312735
};
Программа для linux x86-64 и гцц.
const int main[] = {
-443987883, 440, 113408, -1922629632,
4149, 899584, 84869120, 15544,
266023168, 1818576901, 1461743468, 1684828783,
-1017312735
};
.file "test.c"
.globl main
.section .rodata
.align 32
.type main, @object
.size main, 52
main:
.long -443987883
.long 440
.long 113408
.long -1922629632
.long 4149
.long 899584
.long 84869120
.long 15544
.long 266023168
.long 1818576901
.long 1461743468
.long 1684828783
.long -1017312735
.ident "GCC: (Debian 4.7.4-3) 4.7.4"
.section .note.GNU-stack,"",@progbits
"R" "r" The symbol is in a read only data section.
...
Disassembly of section .rodata:
08048460 <_fp_hw>:
8048460: 03 00 add (%eax),%eax
...
08048464 <_IO_stdin_used>:
8048464: 01 00 add %eax,(%eax)
8048466: 02 00 add (%eax),%al
...
08048480 <main>:
8048480: 55 push %ebp
8048481: 48 dec %eax
8048482: 89 e5 mov %esp,%ebp
8048484: b8 01 00 00 00 mov $0x1,%eax
8048489: bb 01 00 00 00 mov $0x1,%ebx
804848e: 67 8d 35 lea (%di),%esi
8048491: 10 00 adc %al,(%eax)
8048493: 00 00 add %al,(%eax)
8048495: ba 0d 00 00 00 mov $0xd,%edx
804849a: 0f 05 syscall
....
fk0 wrote:Ну и покажи как это ведро и рантайм запустить.
PaX offers executable space protection, using (or emulating in operating system software) the functionality of an NX bit (i.e., built-in CPU/MMU support for memory contents execution privilege tagging). It also provides address space layout randomization to defeat ret2libc attacks and all other attacks relying on known structure of a program's virtual memory.
Users browsing this forum: No registered users and 0 guests