Thread: Why it can run in XP,but it can't run in Linux?

  1. #1
    Registered User
    Join Date
    Jun 2011
    Posts
    50

    Why it can run in XP,but it can't run in Linux?

    Look:
    Code:
    /* machine code is:
         push %ebp
         mov  %esp,%ebp
         pop  %ebp
         ret
    */
    unsigned char code[] =
        "\x55\x89\xe5\x5d\xc3";

    typedef void (*PF)();

    int main(void)
    {
        PF pf = (PF)&code;
        (*pf)();
        return 0;
    }
    My Linux OS is CentOS 5.3, and I installed it in VMware.
    I can run it using VC6, but it can't be run in Linux;
    it says: Segmentation fault. I debugged it using gdb, and
    it shows the line (*pf)() as the error: Segmentation fault.
    Why? How do I correct it?

  2. #2
    Registered User
    Join Date
    Dec 2011
    Posts
    795
    It's funny that you're still trying to abuse buffer overflow bugs even though that problem has mostly been eradicated on good systems.

    Note, I said good systems. Windows XP, besides being old enough that the attack was not prevalent on launch, is also a buggy system. Linux, however, is maintained by security-conscious and frequent programmers. Your attack was protected with the NX bit system that marks non-executable memory as such.

  3. #3
    Master Apprentice phantomotap
    Join Date
    Jan 2008
    Posts
    5,108
    Do you plan on building a "JIT" compiler or "thunking" library?

    If not, shame on you.

    Soma

  4. #4
    Master Apprentice phantomotap
    Join Date
    Jan 2008
    Posts
    5,108
    "It's funny that you're still trying to abuse buffer overflow bugs even though that problem has mostly been eradicated on good systems."
    O_o

    Well, you know, except for the fact that buffer overflow exploits aren't even close to being eradicated on any system and probably never will be seeing as multiple payloads have been constructed that can bypass the "NX" bit checks for different core components because programmers have access to facilities that can map memory into an executable area meaning that programmers still fail to do their job properly in the exact same way as they always have.

    [Edit]
    And of course, developing payloads that eventually result in injected code is only one of several types of buffer overflow exploit.
    [/Edit]

    Soma
    Last edited by phantomotap; 04-14-2012 at 06:31 PM.

  5. #5
    and the hat of int overfl Salem
    Join Date
    Aug 2001
    Location
    The edge of the known universe
    Posts
    39,660
    memcpy called it here -> How to call assemble code

    Read the rules, we're not going to help you to become a hacker.

    Thread closed.
    If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
    If at first you don't succeed, try writing your phone number on the exam paper.
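
Added example, not part of the thread or any poster's code: a C helper that finds the mapping holding an address in `/proc/self/maps`-format text and reports whether that mapping has the execute bit, which is the property post #2 refers to when it mentions non-executable memory. `lookup_perms`, `is_executable` and `SAMPLE_MAPS` are hypothetical names, and the sample mapping lines are constructed, not real output.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample in /proc/<pid>/maps format (not real output). */
const char SAMPLE_MAPS[] =
    "08048000-08049000 r-xp 00000000 08:01 1234 /tmp/demo\n"
    "08049000-0804a000 rw-p 00000000 08:01 1234 /tmp/demo\n"
    "bffdf000-c0000000 rw-p 00000000 00:00 0    [stack]\n";

/* Copy the 4-character permission field of the mapping that contains
   addr into out. Returns 1 if a mapping was found, 0 otherwise. */
int lookup_perms(const char *maps, unsigned long addr, char out[5])
{
    while (maps && *maps) {
        unsigned long lo, hi;
        char perms[5];
        if (sscanf(maps, "%lx-%lx %4s", &lo, &hi, perms) == 3 &&
            addr >= lo && addr < hi) {   /* end address is exclusive */
            memcpy(out, perms, 5);
            return 1;
        }
        maps = strchr(maps, '\n');       /* advance to the next line */
        if (maps) maps++;
    }
    return 0;
}

/* 1 if the mapping holding addr is executable, 0 if not, -1 if unmapped. */
int is_executable(const char *maps, unsigned long addr)
{
    char p[5];
    if (!lookup_perms(maps, addr, p)) return -1;
    return p[2] == 'x';
}

unsigned char code[] = "\x55\x89\xe5\x5d\xc3";  /* the array from post #1 */

int main(void)
{
    static char buf[65536];
    FILE *f = fopen("/proc/self/maps", "r");     /* Linux only */
    if (!f) { perror("/proc/self/maps"); return 1; }
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    buf[n] = '\0';
    fclose(f);
    char p[5] = "????";
    lookup_perms(buf, (unsigned long)code, p);
    printf("code[] at %p is mapped %s\n", (void *)code, p);
    return 0;
}
```

An initialized global array such as `code[]` sits in the program's writable data mapping, so on a system that enforces page permissions the lookup reports a mapping without `x` for it.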
