Monday, 9 May 2016

Unable to Test Buffer Overflow Attacks with GCC?

Buffer-Overflow
Stack Smashing
Recently I was trying to attempt a buffer overflow attack when I came across Stack Smashing Detected. In case you don't know what this is, don't bother reading further.

Looks like GCC has new cool feature which protects codes from buffer overflow attacks. So to some extent even if a programmer doesn't check for a buffer overflow error GCC still might check it and protect the code.




Solution

In case you are practicing a Buffer overflow option use the following compiling option:

-fno-stack-protector

along with your regular command. So your compiling command will now look like this
gcc -fno-stack-protector-o myexecutable code.c 

!!Happy Testing!!

Update: I later on went to discover that GCC not only protects your code from buffer overflows in the stack segment but also protects your code from buffer overflows in the heap segment. GCC is truly a secure compiler.

Reference:



picture by https://pixabay.com/en/users/pixelcreatures-127599/
picture link https://pixabay.com/en/security-protection-anti-virus-265130/




No comments:

Post a Comment