2014년 1월 26일 일요일

ubuntu 13.10 & etc ASLR disable / 우분투 ASLR 해제

root@mango-virtual-machine:/proc/sys/kernel# cat /proc/self/maps 
08048000-08053000 r-xp 00000000 08:01 655385     /bin/cat
08053000-08054000 r--p 0000a000 08:01 655385     /bin/cat
08054000-08055000 rw-p 0000b000 08:01 655385     /bin/cat
08055000-08076000 rw-p 00000000 00:00 0          [heap]
b72bf000-b73f1000 r--p 00858000 08:01 7674       /usr/lib/locale/locale-archive
b73f1000-b75f1000 r--p 00000000 08:01 7674       /usr/lib/locale/locale-archive
b75f1000-b75f2000 rw-p 00000000 00:00 0 
b75f2000-b77a0000 r-xp 00000000 08:01 918455     /lib/i386-linux-gnu/libc-2.17.so
b77a0000-b77a2000 r--p 001ae000 08:01 918455     /lib/i386-linux-gnu/libc-2.17.so
b77a2000-b77a3000 rw-p 001b0000 08:01 918455     /lib/i386-linux-gnu/libc-2.17.so
b77a3000-b77a6000 rw-p 00000000 00:00 0 
b77b8000-b77b9000 r--p 00855000 08:01 7674       /usr/lib/locale/locale-archive
b77b9000-b77bb000 rw-p 00000000 00:00 0 
b77bb000-b77bc000 r-xp 00000000 00:00 0          [vdso]
b77bc000-b77dc000 r-xp 00000000 08:01 918431     /lib/i386-linux-gnu/ld-2.17.so
b77dc000-b77dd000 r--p 0001f000 08:01 918431     /lib/i386-linux-gnu/ld-2.17.so
b77dd000-b77de000 rw-p 00020000 08:01 918431     /lib/i386-linux-gnu/ld-2.17.so
bfef4000-bff15000 rw-p 00000000 00:00 0          [stack]
root@mango-virtual-machine:/proc/sys/kernel#
root@mango-virtual-machine:/proc/sys/kernel# cat /proc/self/maps 
08048000-08053000 r-xp 00000000 08:01 655385     /bin/cat
08053000-08054000 r--p 0000a000 08:01 655385     /bin/cat
08054000-08055000 rw-p 0000b000 08:01 655385     /bin/cat
08055000-08076000 rw-p 00000000 00:00 0          [heap]
b7239000-b736b000 r--p 00858000 08:01 7674       /usr/lib/locale/locale-archive
b736b000-b756b000 r--p 00000000 08:01 7674       /usr/lib/locale/locale-archive
b756b000-b756c000 rw-p 00000000 00:00 0 
b756c000-b771a000 r-xp 00000000 08:01 918455     /lib/i386-linux-gnu/libc-2.17.so
b771a000-b771c000 r--p 001ae000 08:01 918455     /lib/i386-linux-gnu/libc-2.17.so
b771c000-b771d000 rw-p 001b0000 08:01 918455     /lib/i386-linux-gnu/libc-2.17.so
b771d000-b7720000 rw-p 00000000 00:00 0 
b7732000-b7733000 r--p 00855000 08:01 7674       /usr/lib/locale/locale-archive
b7733000-b7735000 rw-p 00000000 00:00 0 
b7735000-b7736000 r-xp 00000000 00:00 0          [vdso]
b7736000-b7756000 r-xp 00000000 08:01 918431     /lib/i386-linux-gnu/ld-2.17.so
b7756000-b7757000 r--p 0001f000 08:01 918431     /lib/i386-linux-gnu/ld-2.17.so
b7757000-b7758000 rw-p 00020000 08:01 918431     /lib/i386-linux-gnu/ld-2.17.so
bfebf000-bfee0000 rw-p 00000000 00:00 0          [stack]

root@mango-virtual-machine:/proc/sys/kernel# sysctl -w kernel.randomize_va_space=0
kernel.randomize_va_space = 0
root@mango-virtual-machine:/proc/sys/kernel# cat /proc/self/maps 
08048000-08053000 r-xp 00000000 08:01 655385     /bin/cat
08053000-08054000 r--p 0000a000 08:01 655385     /bin/cat
08054000-08055000 rw-p 0000b000 08:01 655385     /bin/cat
08055000-08076000 rw-p 00000000 00:00 0          [heap]
b7ae1000-b7c13000 r--p 00858000 08:01 7674       /usr/lib/locale/locale-archive
b7c13000-b7e13000 r--p 00000000 08:01 7674       /usr/lib/locale/locale-archive
b7e13000-b7e14000 rw-p 00000000 00:00 0 
b7e14000-b7fc2000 r-xp 00000000 08:01 918455     /lib/i386-linux-gnu/libc-2.17.so
b7fc2000-b7fc4000 r--p 001ae000 08:01 918455     /lib/i386-linux-gnu/libc-2.17.so
b7fc4000-b7fc5000 rw-p 001b0000 08:01 918455     /lib/i386-linux-gnu/libc-2.17.so
b7fc5000-b7fc8000 rw-p 00000000 00:00 0 
b7fda000-b7fdb000 r--p 00855000 08:01 7674       /usr/lib/locale/locale-archive
b7fdb000-b7fdd000 rw-p 00000000 00:00 0 
b7fdd000-b7fde000 r-xp 00000000 00:00 0          [vdso]
b7fde000-b7ffe000 r-xp 00000000 08:01 918431     /lib/i386-linux-gnu/ld-2.17.so
b7ffe000-b7fff000 r--p 0001f000 08:01 918431     /lib/i386-linux-gnu/ld-2.17.so
b7fff000-b8000000 rw-p 00020000 08:01 918431     /lib/i386-linux-gnu/ld-2.17.so
bffdf000-c0000000 rw-p 00000000 00:00 0          [stack]
root@mango-virtual-machine:/proc/sys/kernel#
root@mango-virtual-machine:/proc/sys/kernel# cat /proc/self/maps 
08048000-08053000 r-xp 00000000 08:01 655385     /bin/cat
08053000-08054000 r--p 0000a000 08:01 655385     /bin/cat
08054000-08055000 rw-p 0000b000 08:01 655385     /bin/cat
08055000-08076000 rw-p 00000000 00:00 0          [heap]
b7ae1000-b7c13000 r--p 00858000 08:01 7674       /usr/lib/locale/locale-archive
b7c13000-b7e13000 r--p 00000000 08:01 7674       /usr/lib/locale/locale-archive
b7e13000-b7e14000 rw-p 00000000 00:00 0 
b7e14000-b7fc2000 r-xp 00000000 08:01 918455     /lib/i386-linux-gnu/libc-2.17.so
b7fc2000-b7fc4000 r--p 001ae000 08:01 918455     /lib/i386-linux-gnu/libc-2.17.so
b7fc4000-b7fc5000 rw-p 001b0000 08:01 918455     /lib/i386-linux-gnu/libc-2.17.so
b7fc5000-b7fc8000 rw-p 00000000 00:00 0 
b7fda000-b7fdb000 r--p 00855000 08:01 7674       /usr/lib/locale/locale-archive
b7fdb000-b7fdd000 rw-p 00000000 00:00 0 
b7fdd000-b7fde000 r-xp 00000000 00:00 0          [vdso]
b7fde000-b7ffe000 r-xp 00000000 08:01 918431     /lib/i386-linux-gnu/ld-2.17.so
b7ffe000-b7fff000 r--p 0001f000 08:01 918431     /lib/i386-linux-gnu/ld-2.17.so
b7fff000-b8000000 rw-p 00020000 08:01 918431     /lib/i386-linux-gnu/ld-2.17.so
bffdf000-c0000000 rw-p 00000000 00:00 0          [stack]




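cat /proc/self/maps 명령어로 메모리 영역을 살펴보았을 때, 위의 처음 두 출력(빨간색, 주황색)은 ASLR을 disable하기 전이고, 나머지 두 출력(민트색, 보라색)은 ASLR을 disable한 후이다. disable하기 전에는 라이브러리와 스택 주소가 실행할 때마다 달라지지만, disable한 후에는 두 번 모두 같은 주소가 나오는 것을 볼 수 있다.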

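ASLR(Address Space Layout Randomization)을 해제하려면
 sysctl -w kernel.randomize_va_space=0
명령어를 이용하면 된다.
또한 다시 ASLR을 적용하려면,
sysctl -w kernel.randomize_va_space=1  (라이브러리, 스택이 랜덤)
sysctl -w kernel.randomize_va_space=2  (라이브러리, 스택, 힙이 랜덤)
을 하면 된다.
현재 값은 cat /proc/sys/kernel/randomize_va_space 로 확인할 수 있다. sysctl -w 는 시스템 전체에 적용되고 재부팅하면 원래 값으로 돌아가므로, 실습용 가상머신에서만 바꾸고 실습이 끝나면 원래 값으로 되돌려 놓는 것이 좋다.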

만약 basic bof skill을 익히고 싶다면 aslr과 nx를 해제한 후 공부하면 되겠고, 메모리 보호 기법을 우회하는 bof skill을 익히려면 두 개 다 적용한 후 공부하면 되겠다. (nx는 위의 randomize_va_space 설정과는 별개이므로 따로 설정해야 한다.)
