From: corecode <corecodeat_private> Subject: Re: solaris gdb screen mayhem Cc: vuln-devat_private >I've been attempting a white-hat "exploit" to run some demo code >on the stack on Solaris. The aim is to show whether the non-executable >stack is in force (and the /etc/system file may not be a reliable guide >to this if modified since last boot or something). I am using a suggestion I got off-list. Thanks for all responses. > Apart from your gdb mayhem, why not check the status of the > "noexec_user_stack" flag by querying the running kernel? > > This requires root privs, but is definitely easier than exploiting a > buffer overflow. > > # mdb -k ( or adb if Solaris 7 or below ) > Loading modules: [ unix krtld genunix ufs_log ip nfs random ipc lofs > ptm logindmux ] > > > noexec_user_stack/X > noexec_user_stack: > noexec_user_stack: 0 -- ############################################################## # Antonomasia ant notatla.demon.co.uk # # See http://www.notatla.demon.co.uk/ # ##############################################################
This archive was generated by hypermail 2b30 : Mon Sep 03 2001 - 13:06:17 PDT