Good example showing how to create a Position Independent Executable (PIE).

We can create a Position Independent Executable (PIE) with gcc by compiling with the -fPIE option and linking with the -pie option. The resulting ELF is of type ET_DYN rather than ET_EXEC, so the kernel can load it at a randomized base address under ASLR instead of at a fixed one.

A nice example collected from the net.

aslr.c
======
#include <stdio.h>

/* A function in the text segment and a variable in the data segment:
   their addresses only move between runs if the binary is a PIE. */
static void foo(void) {}
static int bar = 5;

int main(void)
{
    /* A stack variable: its address moves between runs whenever stack
       ASLR is on, PIE or not. */
    int baz = 5;

    /* %p expects a void *, so the pointers are cast explicitly. */
    printf("function: %p, library function: %p, data: %p, stack: %p\n",
           (void *)foo, (void *)&printf, (void *)&bar, (void *)&baz);
    return 0;
}
======

Now do

$ gcc -o aslr aslr.c; for i in $(seq 1 10); do ./aslr; done
$ gcc -fPIE -o aslr aslr.c; for i in $(seq 1 10); do ./aslr; done
$ gcc -fPIE -pie -o aslr aslr.c; for i in $(seq 1 10); do ./aslr; done

and see what you get!!
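The following script is an added example, not part of the original post or the Arch wiki page it cites: it reads the e_type field of an ELF header to tell a PIE (ET_DYN) from a fixed-address executable (ET_EXEC), and, where gcc is available, builds the three variants from the commands above and counts how many distinct addresses foo lands on across 10 runs. The function names elf_kind and distinct_function_addrs are mine, and a little-endian ELF layout is assumed.

```sh
#!/bin/sh
# Added example (not from the post): classify an ELF file by its e_type,
# then build the post's three aslr variants and measure how much foo moves.

# Print "pie", "exec" or "other" for the file named in $1.
# e_type is the 2-byte little-endian field at offset 16 of the ELF header:
# ET_EXEC (2) loads at a fixed address, ET_DYN (3) is a PIE or shared object
# and can be placed anywhere by ASLR. Little-endian layout is assumed.
elf_kind() {
    f=$1
    magic=$(od -An -tx1 -N4 "$f" | tr -d ' ')
    [ "$magic" = "7f454c46" ] || { echo other; return; }
    set -- $(od -An -tu1 -j16 -N2 "$f")
    case $(( ${1:-0} + 256 * ${2:-0} )) in
        2) echo exec ;;
        3) echo pie ;;
        *) echo other ;;
    esac
}

# Run the program $1 ten times and count distinct values of its "function:"
# field (the 2nd whitespace-separated token of aslr's output line).
# 1 means foo sat at the same address every run; 10 means it moved every run.
distinct_function_addrs() {
    i=0
    while [ "$i" -lt 10 ]; do "$1"; i=$((i + 1)); done |
        awk '{ print $2 }' | sort -u | wc -l | tr -d ' '
}

if command -v gcc >/dev/null 2>&1; then
    work=$(mktemp -d)
    cat > "$work/aslr.c" <<'EOF'
#include <stdio.h>
static void foo(void) {}
static int bar = 5;
int main(void)
{
    int baz = 5;
    printf("function: %p, library function: %p, data: %p, stack: %p\n",
           (void *)foo, (void *)&printf, (void *)&bar, (void *)&baz);
    return 0;
}
EOF
    for flags in "" "-fPIE" "-fPIE -pie"; do
        gcc $flags -o "$work/aslr" "$work/aslr.c"
        echo "gcc $flags: e_type=$(elf_kind "$work/aslr")," \
             "distinct foo addresses in 10 runs: $(distinct_function_addrs "$work/aslr")"
    done
    rm -rf "$work"
fi
```

On distributions whose gcc is built to produce PIE by default (current Debian, Ubuntu, Arch and Fedora), all three commands already yield ET_DYN and a moving foo; add -no-pie to the first two to see the fixed-address case the post expects.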

Source: https://wiki.archlinux.org/index.php/DeveloperWiki:Security
