Binary protection mechanism - Code World

Binary protection mechanism

Others 2019-05-29 19:53:53 views: null

Here it is primarily concerned with the protection mechanism ELF binaries under the CTF linux. There is a script checksec command to view current protection mechanism in linux binaries. Any install a plug-gdb will put checksec script included.

Execution in gdb: 
gdb> checksec the Test 
Canary: No 
NX: Yes 
PIE: No 
Fortify: No 
RelRO: Partial 

execution directly in the shell: 
$ checksec the Test 
Arch: i386-32-Little 
RELRO: Partial RELRO 
Stack: No Canary found 
NX : NX Enabled 
PIE: No PIE (0x8048000)

You can see checksec instruction architecture can view the current binary file and taken to protection mechanisms.

1.Canary (stack protection)

This option means that stack protection function is not enabled.

Stack overflow protection is a buffer overflow attack mitigation means, when there is a function of buffer overflow vulnerabilities, an attacker can overwrite the return address on the stack to make shellcode can be implemented. When the stack protection is enabled, when the function will begin to insert cookie information to the stack when the function returns true cookie will verify the information is legitimate, if not legally stop running. An attacker overwrite the return address, it tends to cookie information will be overwritten, resulting stack protection check fails and prevent the execution of the shellcode. In Linux we will be called cookie information canary.

2.NX / DEP (the stack is not performed)

NX That No-eXecute (unenforceable) the meaning of the basic principles of NX (DEP) where the data is marked as non-executable memory pages, when the program successfully into the overflow shellcode, the program will try to execute commands on the data page, this when the CPU will throw an exception, rather than to execute malicious commands.

3.PIE / ASLR (address randomization)

4.Fortify

This protection mechanism to check for a long time are not very good Chinese describe it in fact and stack protection according to my understanding of the new gcc are a mechanism for enhanced protection against buffer overflow attacks. Because not too common, without much understanding.

5.RelRO

Setting the table is read-only or redirection symbol parsing and binding on all dynamic symbols, thereby reducing the GOT (Global Offset Table) attacks when the program starts.

Guess you like

Origin www.cnblogs.com/nul1/p/10944265.html

Binary protection mechanism

SpringCloud Hystrix protection mechanism

There is no memory protection mechanism in the kernel

Rootless mechanism on MacOSX integrated protection system (System Integrity Protection)

Blockchain Privacy Protection (2): Privacy Protection Mechanism at the Network Layer

Blockchain Privacy Protection (1): Privacy Protection Mechanism at the Transaction Layer

SpringCloud of Eureka self-protection mechanism

Eureka Service Governance - self-protection mechanism

Freertos critical sections of code protection mechanism

[SpringClould] eureka's self-protection mechanism

Eureka Eureka articles [three] self-protection mechanism (3)

Net work is on the road--Talking about the protection mechanism in spanning tree

A brief introduction to Eureka's implementation principle and self-protection mechanism

Eureka self-protection mechanism source code analysis

Memory protection mechanism and bypass scheme - bypassing safeSEH from the heap

Eureka: service registration-information configuration-self-protection mechanism

Eight .Windows kernel protection mechanism - protection Page 3 - PDE PTE property

Memory protection mechanism and bypass scheme - bypassing /GS mechanism by overwriting virtual function table

Memory protection mechanism and bypass scheme - bypass/GS mechanism by overriding SEH exception handling function

Using java to realize the mutual conversion mechanism of decimal and binary decimals

Using java to realize the mutual conversion mechanism of decimal and binary decimals

Using java to realize the mutual conversion mechanism of decimal and binary decimals

Eureka role of self-protection mechanism, health check, actuator module monitors

Facing the continuous evolution of DDoS, what kind of DDoS protection mechanism can help you out of the sea of hardship?

0501-Hystrix Protection Application - Timeout Mechanism, Introduction to Circuit Breaker Mode

Memory protection mechanism and bypass method - bypassing SafeSEH by using the SafeSEH module that is not enabled

Memory protection mechanism and bypass method - bypassing SafeSEH by using the SafeSEH module that is not enabled

[Microservices] First understanding of Spring Cloud, Eureka registration center, Eureka cluster, Eureka self-protection mechanism

AUTOSAR specifications and ECU software development (Practice) 9.7 E2E protection of AUTOSAR safety mechanism

AUTOSAR specifications and ECU software development (Practice) 9.5 Storage space protection of AUTOSAR security mechanism

Recommended

Ranking

error: (-215:Assertion failed) !_img.empty() in function ‘cv::imwrite‘

Database migration between Navicat servers

Minimum number of rotation of the array: Array

balenaEtcher for mac (make a boot disk software) v1.5.67

Custom processing serialization and deserialization in jackson

Mu-en-mask system development software

Mastering Regular Expressions

Find mileage Java--

Web pages can not directly concern the public micro-channel number how to do? A key to arouse public concern number of micro-channel solutions

[CodeForces - 739B] Alyona and a tree Tree + [difference] + bipartite

Daily

More

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)

2024-05-05(0)

2024-05-04(18)

2024-05-03(8)