Thursday, 30 June 2022

Disabling the stack canary using gcc does not work when using "-static"

I have a question. I am trying to perform a ROP attack. My system is a 64-bit Kali Linux running in a virtual machine. During my research I found out that I am not able to overwrite the eip as long as the "stack canary" is activated. The problem is that the stack canary is only disabled when the file is linked dynamically. When it is linked dynamically, the problem is that there are not enough gadgets to use to perform a ROP attack. When I link it with the -static option, there are enough gadgets, but the stack canary is activated. Now my question is whether there is any possibility to link a file with the -static command and disable the stack canary.

I run this on a Linux kali 5.16.0-kali7-amd64 #1 SMP PREEMPT Debian 5.16.18-1kali1 (2022-04-01) x86_64 GNU/Linux

The command is: gcc -mpreferred-stack-boundary=2 -fno-stack-protector -std=c++11 -z execstack -no-pie -m32 -save-temps -static main.cpp -o main -lstdc++

Doing it like this does not deactivate the stack canary.

Leaving out the "-static" command deactivates the stack canary, and I have no idea why.
