
[PWN] gcc options for protection mechanisms

aaaaalswl 2023. 11. 22. 17:19

Remove all protection options (32bit)

gcc -m32 -fno-stack-protector -mpreferred-stack-boundary=2 -z execstack -no-pie -o abcd abcd.c

ASLR

cat /proc/sys/kernel/randomize_va_space #check ASLR

echo 0 > /proc/sys/kernel/randomize_va_space

*#if a permission error occurs*

sudo bash -c "echo 0 > /proc/sys/kernel/randomize_va_space"

randomize_va_space=0: ASLR is disabled

randomize_va_space=1: stack and libraries are randomized

randomize_va_space=2: stack, heap, and libraries are randomized

Bypass techniques: memory leak, ROP ..

Canary (Stack Smashing Protector)

gcc -fno-stack-protector

Disables the canary, the check for whether memory has been tampered with

gcc -fstack-protector

Option that inserts the canary

NX bit

gcc -z execstack

NX removes execute permission from the stack; this option turns it off (the stack becomes executable)

RELRO (RELocation Read Only)

gcc -z relro #Partial RELRO
gcc -z relro -z now #FULL RELRO
gcc -z norelro #NO RELRO

PIE

gcc -no-pie # no pie
gcc -fpie # .text randomize
gcc -fpie -pie # PIE

32bit compile

sudo apt-get install gcc-multilib #must be installed first
gcc -m32 #32bit compile
gcc -m64 #default

Remove dummy (stack alignment padding)

gcc -mpreferred-stack-boundary=2 #32bit
gcc -mpreferred-stack-boundary=4 #64bit
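
Checking the result of the flags above: an added example (not from the original post) that reads readelf output and reports whether NX, RELRO, PIE and the canary are present in a build. The function name mitigations and both sample excerpts are constructed for illustration; they are not output from a real binary.

```shell
#!/bin/sh
# Added example, not from the original post.
# mitigations: reads `readelf -W -h -l -d -s <binary>` output on stdin and
# prints which of the protections toggled by the gcc flags are present.
mitigations() {
    out=$(cat)
    has() { printf '%s\n' "$out" | grep -Eq -- "$1"; }

    # NX: GNU_STACK is "RW" normally, "RWE" when linked with -z execstack.
    if has 'GNU_STACK.*[[:space:]]RW[[:space:]]'; then nx=on; else nx=off; fi

    # RELRO: GNU_RELRO segment = at least Partial; eager binding (-z now) = Full.
    if ! has 'GNU_RELRO'; then relro=none
    elif has 'BIND_NOW|FLAGS_1.*NOW'; then relro=full
    else relro=partial; fi

    # PIE: ELF type DYN (shared libraries also report DYN); -no-pie gives EXEC.
    if has 'Type:[[:space:]]+DYN'; then pie=on; else pie=off; fi

    # Canary: instrumented code references __stack_chk_fail.
    if has '__stack_chk_fail'; then canary=on; else canary=off; fi

    printf 'nx=%s relro=%s pie=%s canary=%s\n' "$nx" "$relro" "$pie" "$canary"
}

# Constructed excerpts (hypothetical, trimmed) of readelf output for two builds.
SAMPLE_OFF='  Type:                              EXEC (Executable file)
  GNU_STACK      0x000000 0x00000000 0x00000000 0x00000 0x00000 RWE 0x4'

SAMPLE_ON='  Type:                              DYN (Position-Independent Executable file)
  GNU_STACK      0x000000 0x00000000 0x00000000 0x00000 0x00000 RW  0x10
  GNU_RELRO      0x002eb0 0x00003eb0 0x00003eb0 0x00150 0x00150 R   0x1
 0x0000001e (FLAGS)                      BIND_NOW
 0x6ffffffb (FLAGS_1)                    Flags: NOW PIE
     5: 00000000     0 FUNC    GLOBAL DEFAULT  UND __stack_chk_fail@GLIBC_2.4 (3)'

# Real use: readelf -W -h -l -d -s ./abcd | mitigations
printf '%s\n' "$SAMPLE_OFF" | mitigations   # sample with every protection absent
printf '%s\n' "$SAMPLE_ON"  | mitigations   # sample with every protection present
```

A stripped, statically linked binary may not expose the __stack_chk_fail symbol, so canary=off from this check means "no reference found", not proof that the canary is missing.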