If the address ESP for every program is equal?



leetow2003
04-08-2012, 03:52 AM
I read a book, and it said:
In the Linux shell, the address of ESP for every program
is equal, and it supports this with the code:


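unsigned long get_sp(void)
{
    unsigned long sp;
    /* Return ESP through an output operand instead of relying on
       whatever happens to be left in EAX when the function ends. */
    __asm__ __volatile__("movl %%esp, %k0" : "=r"(sp));
    return sp;
}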


Then I added this code to my two programs, and
I inserted it at the start of the function main(),
but I find they get different values. How to explain this?
(I first ran in the shell: echo "0" >/proc/sys/kernel/randomize_va_space)

Salem
04-08-2012, 05:46 AM
Your book is old.

Address space randomisation is new-ish - primarily designed to stop stupid script kiddies from trying buffer overflow / code injection.

Salem
04-08-2012, 06:00 AM
But seriously, you need to find another direction for your curiosity.
You're not learning C or C++, you're just out to grab hacking information - nothing more.

MK27
04-08-2012, 06:32 AM
(I first run in Shell:echo "0" >/proc/sys/kernel/randomize_va_space)

Hmm, that works for me, but you need root permissions to do it. Did you check to see that it was set?

root~/C
»cat /proc/sys/kernel/randomize_va_space
0
root~/C
»./a.out
4294958384
root~/C
»./a.out
4294958384
root~/C
»./a.out
4294958384
root~/C
»echo 2 > /proc/sys/kernel/randomize_va_space
root~/C
»cat /proc/sys/kernel/randomize_va_space
2
root~/C
»./a.out
4120804800
root~/C
»./a.out
705018288
root~/C
»./a.out
3830575680

W/ custom x64 kernel, v.3.0.6


you're just out to grab hacking information - nothing more.

I could see it being worth knowing once in a blue moon.
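
Added example, not part of the thread: the manual check in MK27's session (run the program several times and compare the printed stack pointer) automated in C, so the sysctl value can be compared with what the process actually gets. It assumes the command passed as the first argument (default `./a.out`) prints its stack pointer as one decimal number, as the `a.out` in the session does; the function names are illustrative.

```c
#define _POSIX_C_SOURCE 200809L   /* for popen()/pclose() */
#include <stdio.h>

/* Kernel setting from the thread: 0 = off, 1 = partial, 2 = full; -1 if unreadable. */
int aslr_mode(const char *path)
{
    int mode = -1;
    FILE *f = fopen(path, "r");
    if (!f) return -1;
    if (fscanf(f, "%d", &mode) != 1) mode = -1;
    fclose(f);
    return mode;
}

/* Number of distinct values among n samples (n is small, so O(n^2) is fine). */
int count_distinct(const unsigned long *v, int n)
{
    int distinct = 0;
    for (int i = 0; i < n; i++) {
        int j = 0;
        while (j < i && v[j] != v[i]) j++;
        if (j == i) distinct++;      /* v[i] not seen earlier in the array */
    }
    return distinct;
}

/* Run cmd n times, reading one decimal number per run; returns samples stored. */
int sample_runs(const char *cmd, unsigned long *out, int n)
{
    int got = 0;
    for (int i = 0; i < n; i++) {
        FILE *p = popen(cmd, "r");
        if (!p) break;
        if (fscanf(p, "%lu", &out[got]) == 1) got++;
        pclose(p);
    }
    return got;
}

int main(int argc, char **argv)
{
    unsigned long v[8];
    const char *cmd = argc > 1 ? argv[1] : "./a.out";  /* assumed: prints its stack pointer */
    int n = sample_runs(cmd, v, 8);
    printf("randomize_va_space=%d, %d distinct stack pointers in %d runs\n",
           aslr_mode("/proc/sys/kernel/randomize_va_space"), count_distinct(v, n), n);
    return n > 0 ? 0 : 1;
}
```

With the setting at 0, one distinct value across all runs matches the first half of the session; with 2, a distinct value on nearly every run matches the second half.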