HomeworkLib
Question

Disable ASLR on a linux system by writing the appropriate value to /proc/sys/kernel/randomize_va_space. Now get the...

Disable ASLR on a linux system by writing the appropriate value to /proc/sys/kernel/randomize_va_space. Now get the netsploit attack to work without having the attacked server print out a stack address. You are allowed beforehand to run a test copy of the server that prints its address. You do not have to complete this live. You can turn in the code that should work to accomplish this goal.

engineering   Computer-Science   
0 0
Add a comment Improve this question Transcribed image text
Next > < Previous
Sort answers by oldest

Homework Answers

Answer #1

Valid Settings:

  • 0 = Disabled
  • 1 = Conservative Randomization
  • 2 = Full Randomization

To view the current settings for ASLR on your system you can use either cat or more specifically using sysctl:

         $ cat /proc/sys/kernel/randomize_va_space

                  2

Using the command ldd we can view the address space of modules required by applications. The address space used is shown in brackets. We run the ldd command twice against the same command, bash. This allows us to see that the module use a different or random address space each time when ASLR is enabled.:

$ ldd /bin/bash
 linux-vdso.so.1 =>  (0x00007fff6f572000)
 libtinfo.so.5 => /lib/x86_64-linux-gnu/libtinfo.so.5 (0x00007fc1ecf16000)
 libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007fc1ecd12000)
 libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fc1ec948000)
 /lib64/ld-linux-x86-64.so.2 (0x00007fc1ed13f000)

$ ldd /bin/bash
 linux-vdso.so.1 =>  (0x00007ffca6113000)
 libtinfo.so.5 => /lib/x86_64-linux-gnu/libtinfo.so.5 (0x00007f8e8dc3e000)
 libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f8e8da3a000)
 libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f8e8d670000)
 /lib64/ld-linux-x86-64.so.2 (0x00007f8e8de67000)

Disable ASLR:
         Appropriate valuefr disabling ASLR on Linux is 0.

         $ sudo sysctl -w kernel.randomize_va_space=0

Running the same ldd command we see now the modules use the same address space for each execution :

$ ldd /bin/bash
 linux-vdso.so.1 =>  (0x00007ffff7ffa000)
 libtinfo.so.5 => /lib/x86_64-linux-gnu/libtinfo.so.5 (0x00007ffff7bae000)
 libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007ffff79aa000)
 libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007ffff75e0000)
 /lib64/ld-linux-x86-64.so.2 (0x00007ffff7dd7000)

$ ldd /bin/bash
 linux-vdso.so.1 =>  (0x00007ffff7ffa000)
 libtinfo.so.5 => /lib/x86_64-linux-gnu/libtinfo.so.5 (0x00007ffff7bae000)
 libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007ffff79aa000)
 libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007ffff75e0000)
 /lib64/ld-linux-x86-64.so.2 (0x00007ffff7dd7000)
0 0
Add a comment
Know the answer?
Add Answer to:
Disable ASLR on a linux system by writing the appropriate value to /proc/sys/kernel/randomize_va_space. Now get the...
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Log In

Sign Up

Not the answer you're looking for? Ask your own homework help question. Our experts will answer your question WITHIN MINUTES for Free.
Similar Homework Help Questions

  • System Time Calculation Objectives of this Lab: The objective of this assignment is to get used...

    System Time Calculation Objectives of this Lab: The objective of this assignment is to get used to the system time information in Linux. You will do that by writing a small program (in either C, C++ or Java) that will access system time information available from the Linux /proc directory. How to proceed with the Program: 1. Information in the /proc/uptime is available just as though the file were a regular text file. You may open the file, read out...

  • Do the following project: Following is the file to be programmed in Linux kernel. Run this...

    Do the following project: Following is the file to be programmed in Linux kernel. Run this program. Include the screenshot of the results. Multi threaded Sorting Application Write a multithreaded sorting program that works as follows: A list of integers is divided into two smaller lists of equal size. Two separate threads (which we will term sorting threads) sort each sub list using a sorting algorithm of your choice. The two sub lists are then merged by a third thread—a...

  • i need help with a mips program to to covert roman numerals to real numbers Lab 4: Roman Numeral Conversion Part A: Due...

    i need help with a mips program to to covert roman numerals to real numbers Lab 4: Roman Numeral Conversion Part A: Due Sunday, 19 May 2019, 11:59 PM Due Friday, 24 May 2019, 11:59 PM Part B: Minimum Submission Requirements Ensure that your Lab4 folder contains the following files (note the capitalization convention): o Diagram.pdf o Lab4. asm O README.txt Commit and push your repository Lab Objective In this lab, you will develop a more detailed understanding of how...

  • CMPS 12B Introduction to Data Structures Programming Assignment 2 In this project, you will write...

    can i get some help with this program CMPS 12B Introduction to Data Structures Programming Assignment 2 In this project, you will write a Java program that uses recursion to find all solutions to the n-Queens problem, for 1 Sns 15. (Students who took CMPS 12A from me worked on an iterative, non-recursive approach to this same problem. You can see it at https://classes.soe.ucsc.edu/cmps012a/Spring l8/pa5.pdf.) Begin by reading the Wikipcdia article on the Eight Queens puzzle at: http://en.wikipedia.org/wiki/Eight queens_puzzle In...

  • These are my answere to the following questions: are they right? 1. B 2. T 3....

    These are my answere to the following questions: are they right? 1. B 2. T 3. T 4. T 5. F 6. T 7. A 8. D 9. E 10. B 11. B 12. A 13. A 14. D 15. C 16. D 17. T 18. C 19. T 20. T 21. T 22. A 23. T 24. D 25. B 26. A 27. A 28. A 29. T 30. C 31. D 32. A 33. T 34. F 35....

  • For this assignment, suppose that a fence is recording entry and exit into the park via...

    For this assignment, suppose that a fence is recording entry and exit into the park via a string as the gate swings open and folks walk in or out with their pet. For example, C++ DP+dp+CP+cp would indicate that an adult dog and an adult entered the park, then a puppy and child entered the park, then an adult cat and an adult entered the park and finally a kitten and a child entered the park. From this information, note...

  • Risk management in Information Security today Everyday information security professionals are bombarded with marketing messages around...

    Risk management in Information Security today Everyday information security professionals are bombarded with marketing messages around risk and threat management, fostering an environment in which objectives seem clear: manage risk, manage threat, stop attacks, identify attackers. These objectives aren't wrong, but they are fundamentally misleading.In this session we'll examine the state of the information security industry in order to understand how the current climate fails to address the true needs of the business. We'll use those lessons as a foundation...

  • SCREENSHOTS OF CODE ONLY!! PLEASE DON'T POST TEXT!! C++ CODE! PLEASE DON'T REPOST OLD POSTS! Objective...

    SCREENSHOTS OF CODE ONLY!! PLEASE DON'T POST TEXT!! C++ CODE! PLEASE DON'T REPOST OLD POSTS! Objective To gain experience with the operations involving binary search trees. This data structure as linked list uses dynamic memory allocation to grow as the size of the data set grows. Unlike linked lists, a binary search tree is very fast to insert, delete and search. Project Description When an author produce an index for his or her book, the first step in this process...

  • Summary should briefly analyze the central problems and issues of the case and provide some analysis...

    Summary should briefly analyze the central problems and issues of the case and provide some analysis and suggestions. Thank you. Lean Initiatives and Growth at Orlando Metering Company It was late August 2002 and Ed Cucinelli, vice president of Orlando Metering Company (OMC), sat in his office on a late Saturday morning. He had come in to prepare for some strategic planning meetings that were scheduled for the upcoming week. As he noticed the uncommon silence in the building, Ed...

  • And there was a buy-sell arrangement which laid out the conditions under which either shareholder could...

    And there was a buy-sell arrangement which laid out the conditions under which either shareholder could buy out the other. Paul knew that this offer would strengthen his financial picture…but did he really want a partner?It was going to be a long night. read the case study above and answer this question what would you do if you were Paul with regards to financing, and why? ntroductloh Paul McTaggart sat at his desk. Behind him, the computer screen flickered with...

ADVERTISEMENT
Free Homework Help App
Download From Google Play
Scan Your Homework
to Get Instant Free Answers
Need Online Homework Help?
Ask a Question
Get Answers For Free
Most questions answered within 3 hours.
ADVERTISEMENT
ADVERTISEMENT