Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: Data execution prevention: How to disable it?

  1. #1

    Default Data execution prevention: How to disable it?

    Hello!
    I'm testing some shellcodes and I keep getting segmentation fault error. I suspect that this is because of data execution prevention feature, but I couldn't find the file related to it. Can someone tell me how to disable it?

  2. #2
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    15,740

    Default Re: Data execution prevention: How to disable it?

    It is the Kernel doing this and it is one of the basic error preventions in any operating system. IMHO you can not switch this off (except by rewriting the Kernel).

    When you mean with "shellcodes" that you have a shell (probably bash) script getting this, I am also of the opinion that this should not happen whatever statements you have there. In other words this is a bug. It could also be that it is not happening in bash, but in a tool/program you call from the script, in that case it is of course a bug in that tool.
    Henk van Velden

  3. #3

    Default Re: Data execution prevention: How to disable it?

    I thought that this should be possible. I found this article Linux Disable or Enable ExecShield Buffer Overflows Protection
    However, I don't know if it works on Opensuse or not. I wanted to ask whether it's safe before trying it out.

    Looks like I've to test the legacy shellcodes on Redhat Linux 9 only (:

  4. #4
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    15,740

    Default Re: Data execution prevention: How to disable it?

    Thanks for not providing the information of your last post in post #1 .

    The following might be a bit silly because the steps I took are so obviuous that you will have done them also. But they might be of interest to others reading this thread, so that they have not to take these steps also.

    I took a glance at the article you link to and saw that it used sysctl to manage the kernel parameter kernel.exec-shield.

    I did
    Code:
    man sysctl
    and fount that
    Code:
    sysctl -a
    will give you all the parameters that can be changed with sysctl.

    I found that there is no parameter kernel.exec-shield on my system (openSUSE 11.2 with Kernel 2.6.33-rc2-0.1-desktop).

    I also glanced through the Wikipedia article your link is linking to. There is no mention there that the Kernel patch ever went upstream to be incorporated into the mainstream Kernel. Thus I suppose it is a RedHat only feature.
    Henk van Velden

  5. #5

    Default Re: Data execution prevention: How to disable it?

    Quote Originally Posted by hcvv View Post
    Thanks for not providing the information of your last post in post #1 .
    I wonder how should I take it?.....sorry **holds ears too**

    I'll do some tests on my system and report back. Perhaps it might help someone in the future.

  6. #6

    Default Re: Data execution prevention: How to disable it?

    Quote Originally Posted by ISharma View Post
    I wonder how should I take it?
    Just wanted to say that I wasn't being impolite here. I was really sorry.
    Apologies if that sentence might have hurt you. (English isn't my primary language)

  7. #7
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    15,740

    Default Re: Data execution prevention: How to disable it?

    You did not hurt me. If I am a bit nasty, you may be also of course

    I am always a bit frustrated when people provide as less information as possible when thy start a thread. Instead they should of course provide the maximum amount. Especialy when this is about a subject that does not make a daily appearance here (which you have no doubt tested using the search function before you started the new thread). Or where you are sure that most of your fellow users are not doing the things you are trying.

    We are allways willing to help in our spare time, but when we have to use that spare time by going to look for "shellcodes" and "data execution prevention feature" on the Internet, where you most probably have these knowledge (or at least the links to it) at hand we often get a bit sour.

    I hope that apart from my sarcastic remark, you have seen the information I found on the subject and my interpretation of it. You could go to The Linux Kernel Archives, but I am afraid that it will be a bit difficult to find information a bout your subject. And of course using Google and friends may give you the answers you want. In any case, this feature is not now in openSUSE as far as I can deduct.

    And to finish this, your english is not that bad at all. BTW it is also not my native language. I see you most probably are from Bharat. Thus: नमस्ते
    Henk van Velden

  8. #8

    Default Re: Data execution prevention: How to disable it?

    Yes, I'm from India.
    Thanks, you've been very helpful.

    As a side note, can someone run this code on their system (Opensuse 11.2)? Just wanted to make sure that I'm not going in the wrong direction. If it works properly then the program should just exit (it's an exit shellcode), otherwise it'll give segmentation fault (which confirms that Opensuse uses DEP and is a good thing ).
    Try compiling it with and without '-mpreferred-stack-boundary=2' option.
    $gcc -mpreferred-stack-boundary=2 -o exit exit.c

    and

    $gcc -o exit.c

    Code:
    #include<stdio.h>
    char shellcode[] = "\xbb\x00\x00\x00\x00"
                       "\xb8\x01\x00\x00\x00"
                       "\xcd\x80";
    int main()
    {
      int *ret;
      ret = (int *)&ret+2;
      (*ret)=(int)shellcode;
    }

  9. #9
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    15,740

    Default Re: Data execution prevention: How to disable it?

    Code:
    henk@boven:~/sharma> vi exit.c
    henk@boven:~/sharma> gcc -mpreferred-stack-boundary=2 -o exit exit.c
    henk@boven:~/sharma> l
    totaal 24
    drwxr-xr-x  2 henk wij  4096 aug  5 19:11 ./
    drwxr-xr-x 75 henk wij  4096 aug  5 19:10 ../
    -rwxr-xr-x  1 henk wij 10045 aug  5 19:11 exit*
    -rw-r--r--  1 henk wij   208 aug  5 19:10 exit.c
    henk@boven:~/sharma> ./exit
    Segmentatiefout
    henk@boven:~/sharma> gcc -o exit.c
    gcc: no input files
    henk@boven:~/sharma> gcc -o exit exit.c
    henk@boven:~/sharma> ./exit
    Segmentatiefout
    henk@boven:~/sharma>
    I think the above needs no further explanation. Including the fact that I added the word exit in the second gcc step.

    And I suppose your Dutch is at least as good as my Hindi and thus you will understand what Segmentatiefout means.
    Henk van Velden

  10. #10

    Default Re: Data execution prevention: How to disable it?

    Dank u!
    I was stuck at this point for the past 3 days. Now I know the exact reason the shellcode wasn't working.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •