Hi everyone! Following César’s steps, first of all, let me introduce myself. My name is Julio and just like him, I’m learning about software exploitation and getting back on track by dusting off my hacking skills.

As opposed to César, who created his VM from scratch and turned off all protections that came by default in Gentoo, I am a lazy ass and decided to jump over all these steps and download a pre-built Debian image from Stanford’s CS155 (Computer and Network Security), used in their exploitation classes.

Needless to say, the image I downloaded fulfills all of our purposes, with all protections already turned off except Address Space Layout Randomization, implemented by default since kernel 2.6.12. It can be disabled manually by issuing:

echo 0 > /proc/sys/kernel/randomize_va_space

By the way, I appended this command to /etc/rc.d/rc.local so every time I boot up the virtual machine it turns off ASLR.

Now we are ready to get our hands dirty with ABOs. Fasten your seat belts and enjoy the ride.

CPUs and operating systems apply some rules to protect your computer from simple hacking techniques. As we are learning, we need a system that is as simple as possible.

PaX is a kernel patch that implements read, write and execution protections for memory pages.

The kernel offers some options; the one we are interested in is NOEXEC:

The goal of NOEXEC is to prevent the injection and execution of code into a task’s address space and render this exploit technique unusable under PaX.

Hello! My name is César and I am learning about hacking. As I’m a newbie I decided to learn using the ABOs. So… here we are!

My first step is setting up the environment: creating the place to play with ABOs. My decision was to install Gentoo Linux from a minimal CD and run it inside KVM on top of a Gentoo installation. My virtual machine will have a 2 GB hard drive and 2 GB of RAM.

UPDATED: 4-4-2010, added gdb installation!