Linux Security - Questions



  1. Linux Security

    Hi,

    I need assistance with learning how to write assembler code (custom)
    that will work with computer security related issues like a stack based
    buffer overflow. Can anyone point me in the direction of a newsgroup
    that could help me with this?
    I've written a piece of assembler that calls the printf function, and
    when I pass it into the buffer on my machine it does nothing and
    segmentation faults. I'm using gas with gcc. I push the string onto
    the stack, call the function, add the memory space back to the stack, and
    call the function to exit the program. I need someone's help to explain
    why the hex code from this program does nothing.



  2. Re: Linux Security

    Did you terminate the string you stacked with a newline character?
    --> "\n" ??

    Otherwise the standard C function printf will fail when you pass it the
    address of the stack, which is what I presume you passed it.

    The other problem is that stdio.h was not known to be included in your
    routine. How do you include it, such that the function knows where to
    send the io?

    C may be low level and all, but mixing it with assembler may be fraught
    with problemos.


    EC<:-}

    dude84 wrote:
    > Hi,
    >
    > I need assistance with learning how to write assembler code (custom)
    > that will work with computer security related issues like a stack based
    > buffer overflow. Can anyone point me in the direction of a newsgroup
    > that could help me with this?
    > I've written a piece of assembler that calls the printf function, and
    > when I pass it into the buffer on my machine it does nothing and
    > segmentation faults. I'm using gas with gcc. I push the string onto
    > the stack call the function, add the memory space back to the stack, and
    > call the function to exit the program. I need someone's help to explain
    > why the hex code from this program does nothing.
    >
    >



  3. Re: Linux Security


    E. Charters wrote:
    > did you terminate the string you stacked with a newline character?
    > --> "\n" ??

    Yes I did terminate the string with a \n character.
    I created a string variable and pushed the variable onto the stack.
    Here is a copy of the code:
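    File: message2.s
    gcc2_compiled:
            .data                     # data section: holds the string constant
    .LCO:
            .string "Hello World\n"   # format string passed to printf
            .text                     # code goes in the text section
            .global main
            .type main,@function
    main:
            pushl $.LCO               # cdecl: push the address of the string
            call printf
            addl $0x4,%esp            # caller removes the 4-byte argument
            call exit                 # no status is pushed; exit uses what is on the stack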
    This program functions when run from a prompt. This program is
    strictly assembler.

    >
    > otherwise the standard C function printf will fail when you pass it the
    > address of the stack, which is what I presume you passed it.
    >
    > The other problem is that stdio.h was not known to be included in your
    > routine. How do you include it, such that the function knows where to
    > send the io?

    I actually added one printf to the main program to try and make the
    function available to the assembler. It didn't change anything.
    >
    > C may be low level and all, but mixing it with assembler may be fraught
    > with problemos.


    When I take this code and pass it into a stack based buffer
    overflow, the hex code from it does not run. The program produces
    strange results. Can anyone explain to me why this hex code would not
    work in a buffer overflow, and what I need to do in order to be able to
    do something simple like a printf from within the buffer of a buffer
    overflow (keep in mind there cannot be any \x00's in the machine code)?


    >
    >
    > EC<:-}
    >
    > dude84 wrote:
    >
    >> Hi,
    >>
    >> I need assistance with learning how to write assembler code (custom)
    >> that will work with computer security related issues like a stack
    >> based buffer overflow. Can anyone point me in the direction of a
    >> newsgroup that could help me with this?
    >> I've written a piece of assembler that calls the printf function,
    >> and when I pass it into the buffer on my machine it does nothing and
    >> segmentation faults. I'm using gas with gcc. I push the string onto
    >> the stack call the function, add the memory space back to the stack,
    >> and call the function to exit the program. I need someone's help to
    >> explain why the hex code from this program does nothing.
    >>
    >>

    >


  4. Re: Linux Security

    dude84 wrote:
    >
    > E. Charters wrote:


    My background is MSDOS assembly language, I've not done much Linux stuff, so
    I'm not experienced in this field.

    I can tell you that to use C functions from a library, it is necessary to
    initialize the C environment. The C compiler builds the executable in such a
    manner that a call is made to an initialization routine called something like
    __cmain, but I can't remember exactly, since it has been a long time since I did this.
    You will need to make the appropriate call before you can use the C libraries.
    You will need to make sure that the stack is set up in such a manner as expected
    by the libraries that you are calling.

    I suggest that you make a "hello world" program in C then get the compiler to
    output the assembly language source. You need to then try and get your
    assembler to compile it and see if you can run it.

    I hope in future to have a MASM 6 equivalent for Linux.

    Regards,

    Mark.

    --
    Mark Hobley
    393 Quinton Road West
    Quinton
    Birmingham
    B32 1QE

    Telephone: (0121) 422 6580

    Email: markhobley at hotpop dot donottypethisbit com

    http://markhobley.yi.org/


  5. Re: Linux Security

    There is gdb that works with assembler that will
    allow you to see the output line by line.

    gdb will work with c programs and assembler.

    What I would try is to write the function in C and
    then insert it in the buffer. Perhaps it is the way
    you are trying to call it that matters. There is
    no execution of the code as there is no load
    and execute provision ipso facto in your process.

    EC<:-}


    dude84 wrote:
    >
    > E. Charters wrote:
    >
    >> did you terminate the string you stacked with a newline character?
    >> --> "\n" ??

    >
    > Yes I did terminate the string with a \n character.
    > I created a string variable and pushed the variable onto the stack.
    > Here is a copy of the code:
    > File: message2.s
    > gcc2_compiled:
    > ,data
    > .LCO:
    > .string "Hello World\n"
    > .global main
    > .type main,@function
    > main:
    > pushl $.LCO
    > call printf
    > addl $0x4,%esp
    > call exit
    > This program functions when run from a prompt. This program is
    > strictly assembler.
    >
    >>
    >> otherwise the standard C function printf will fail when you pass it
    >> the address of the stack, which is what I presume you passed it.
    >>
    >> The other problem is that stdio.h was not known to be included in your
    >> routine. How do you include it, such that the function knows where to
    >> send the io?

    >
    > I actually added one printf to the main program to try and make the
    > function available to the assembler. It didn't change anything.
    >
    >>
    >> C may be low level and all, but mixing it with assembler may be
    >> fraught with problemos.

    >
    >
    > When I take this code and pass it into a stack based buffer
    > overflow, the hex code from it does not run. The program produces
    > strange results. Can anyone explain to me why this hex code would not
    > work in a buffer overflow, and what I need to do in order to be able to
    > do something simple like a printf from within the buffer of a buffer
    > overflow (keep in mind there cannot be any \x00's in the machine code)?
    >
    >
    >>
    >>
    >> EC<:-}
    >>
    >> dude84 wrote:
    >>
    >>> Hi,
    >>>
    >>> I need assistance with learning how to write assembler code
    >>> (custom) that will work with computer security related issues like a
    >>> stack based buffer overflow. Can anyone point me in the direction of
    >>> a newsgroup that could help me with this?
    >>> I've written a piece of assembler that calls the printf function,
    >>> and when I pass it into the buffer on my machine it does nothing and
    >>> segmentation faults. I'm using gas with gcc. I push the string onto
    >>> the stack call the function, add the memory space back to the stack,
    >>> and call the function to exit the program. I need someone's help to
    >>> explain why the hex code from this program does nothing.
    >>>
    >>>

    >>



  6. Re: Linux Security

    dude84 wrote:

    >
    > E. Charters wrote:
    >> did you terminate the string you stacked with a newline character?
    >> --> "\n" ??

    > Yes I did terminate the string with a \n character.
    > I created a string variable and pushed the variable onto the stack.
    > Here is a copy of the code:
    > File: message2.s
    > gcc2_compiled:
    > ,data
    > .LCO:
    > .string "Hello World\n"
    > .global main
    > .type main,@function
    > main:
    > pushl $.LCO
    > call printf
    > addl $0x4,%esp
    > call exit
    > This program functions when run from a prompt. This program is
    > strictly assembler.
    >


    The \n is nice and all, but it doesn't actually terminate the string; you need
    to have a \0 for printf to recognise that the string is finished.

    BTW I strongly suggest you take a look at NASM, as it has a syntax that's far
    closer to traditional x86 assemblers such as MASM and TASM.

    --
    All software sucks all hardware sucks.

  7. Re: Linux Security

    On Fri, 18 Feb 2005 11:27:14 +0000, dude84 wrote:

    >


    > ,data


    I would have said ".section .data" here.

    > .LCO:
    > .string "Hello World\n"


    I would have said '.asciz "Hello World\n"' here, to make sure the string is
    NULL terminated.

    > .global main
    > .type main,@function
    > main:
    > pushl $.LCO
    > call printf
    > addl $0x4,%esp
    > call exit
    > This program functions when run from a prompt. This program is
    > strictly assembler.
    >
    >>


    >>>
    >>> I need assistance with learning how to write assembler code (custom)
    >>> that will work with computer security related issues like a stack
    >>> based buffer overflow. Can anyone point me in the direction of a
    >>> newsgroup that could help me with this?
    >>> I've written a piece of assembler that calls the printf function,
    >>> and when I pass it into the buffer on my machine it does nothing and
    >>> segmentation faults. I'm using gas with gcc. I push the string onto
    >>> the stack call the function, add the memory space back to the stack,
    >>> and call the function to exit the program. I need someone's help to
    >>> explain why the hex code from this program does nothing.


    Here are some useful resources:

    http://www.phrack.org/show.php?p=49&a=14 is the definitive essay on buffer
    overflows. Visiting this web site would be considered by many as
    "suspicious activity."

    "Professional Assembly Language," by Richard Blum, published by Wiley
    (www.wiley.com) and Wrox (www.wrox.com) is a good book that covers
    use of gcc and mixing assembly with C.

    "The Definitive Guide to GCC," by Kurt Wall and William von Hagen,
    published by Apress and Springer-Verlag, is a good reference on the gory
    details of gcc.

    >>>
    >>>

    >>


    --
    Thomas D. Shepard
    I am sorry, but you can't email me.
    ImaSpammer@spam.sux is not a real email address. I figure if someone wants to
    harvest an email address to use for sending spam, they may as well use this one.
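
On current Linux systems, one reason bytes copied into a stack buffer do not run is that the stack is mapped without execute permission. The C program below is an added example, not code from any poster in this thread: it parses the /proc/<pid>/maps line format and reports whether a mapping such as [stack] is executable. The sample maps text, the /tmp/demo path and the function names are constructed for illustration.

```c
/* Added example: is a named mapping (e.g. "[stack]") executable? */
#include <stdio.h>
#include <string.h>

/* Constructed sample in /proc/<pid>/maps format (not from a real host). */
static const char SAMPLE_MAPS[] =
    "08048000-08049000 r-xp 00000000 08:01 1234 /tmp/demo\n"
    "08049000-0804a000 rw-p 00000000 08:01 1234 /tmp/demo\n"
    "bffdf000-c0000000 rw-p 00000000 00:00 0 [stack]\n";

/* Returns 1 if the first mapping whose pathname equals `name` has the x
 * bit, 0 if it is mapped without x, -1 if no such mapping is present. */
int region_is_executable(const char *maps, const char *name)
{
    const char *line = maps;
    while (line && *line) {
        const char *eol = strchr(line, '\n');
        size_t len = eol ? (size_t)(eol - line) : strlen(line);
        char buf[512], perms[5] = "", path[256] = "";
        if (len >= sizeof buf) len = sizeof buf - 1;
        memcpy(buf, line, len);
        buf[len] = '\0';
        /* fields: range perms offset dev inode [pathname] */
        if (sscanf(buf, "%*s %4s %*s %*s %*s %255s", perms, path) >= 1 &&
            strcmp(path, name) == 0)
            return perms[2] == 'x';
        line = eol ? eol + 1 : NULL;
    }
    return -1;
}

/* Reads this process's own maps and checks its stack mapping. */
int own_stack_is_executable(void)
{
    char text[65536];
    FILE *f = fopen("/proc/self/maps", "r");
    if (!f) return -1;
    size_t n = fread(text, 1, sizeof text - 1, f);
    fclose(f);
    text[n] = '\0';
    return region_is_executable(text, "[stack]");
}

int main(void)
{
    printf("sample [stack] executable: %d\n", region_is_executable(SAMPLE_MAPS, "[stack]"));
    printf("own    [stack] executable: %d\n", own_stack_is_executable());
    return 0;
}
```

A result of 0 for [stack] means the kernel will fault on any instruction fetch from that region, whatever bytes were written there.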
