Hello guys i want to create a similar file like Stack5 in protostar
The only problem is that when i execute a shellcode , or just \xCC it only works in gdb.
The source code
#include<stdlib.h>
#include<unistd.h>
#include<stdio.h>
#include<string.h>
int main(int argc, char ** argv)
{
char container[32];
gets(container);
}
the command used to build the executable
gcc -z execstack -fno-stack-protector -mpreferred-stack-boundary=2 -m32 -g binary1.c -o binary1
for example a \x90 interrupt
import struct
pad="AAAABBBBCCCCDDDDEEEEFFFFGGGGHHHHIIII"
eip=struct.pack("I",0xffffd6a0+4)
payload="\x90"*12+"\xCC"*4+"\x90"*12
print pad+eip+payload
all the results i get are only segmentation fault ( dump)
Picture here for demonstration Image for comparison
Related
I am testing the example code posted on the official libtorrent website (https://www.libtorrent.org/tutorial-ref.html). I pasted the code here:
#include <libtorrent/session.hpp>
#include <libtorrent/add_torrent_params.hpp>
#include <libtorrent/torrent_handle.hpp>
#include <libtorrent/magnet_uri.hpp>
int main(int argc, char const* argv[])
{
if (argc != 2) {
fprintf(stderr, "usage: %s <magnet-url>\n");
return 1;
}
lt::session ses;
lt::add_torrent_params atp = lt::parse_magnet_uri(argv[1]);
atp.save_path = "."; // save in current dir
lt::torrent_handle h = ses.add_torrent(atp);
// ...
}
I have already installed the libtorrent:
ldconfig -v | grep libtorrent
libtorrent-rasterbar.so.9 -\> libtorrent-rasterbar.so.9.0.0
I used the following command to compile the code:
g++ main.cpp -o run -ltorrent-rasterbar -lboost_filesystem-mt
However, I got errors:
main.cpp: In function 'int main(int, const char\*\*)':
main.cpp:12:3: error: 'lt' has not been declared
lt::session ses;
I also saw another solution, but it does not resolve the issue I am facing: How to compile a libtorrent(rasterbar) code ?
Does anyone know what caused this failure?
Set up MinGW and Netbeans. Only working withe othere IDE's and compilers in before. My machine is x64 win7x64. I'm not shure if I only installed the 32bit version of MinGW.
Compiling a simpel Helle World in x64 leeds to:
g++ -m64 -c -g -MMD -MP -MF "build/Debug/MinGW-Windows/main.o.d"
-o build/Debug/MinGW-Windows/main.o main.cpp
//Message: sorry, unimplemented: 64-bit mode not compiled in
The win32 Version compiles fine.
// ---
g++ -m32 -c -g -MMD -MP -MF "build/Debug/MinGW-Windows/main.o.d"
-o build/Debug/MinGW-Windows/main.o main.cpp
// Compiles without any error...
Starting the 32-Version it prints only one message and terminats withe a segmentation fault before returning from first std:cout. Using ftream, to make a file output same error occures.
The demo-Programm of netbeans "Welcome" throws the same exceptions.
#include <cstdlib>
#include <iostream> // EDIT! (worked at this post long time sry.)
using namespace std;
int main(int argc, char** argv) {
int i = 0; // for making shure, program is working before calling fs.open
std::cout << "hello world blubb" << endl; // this one shows up its message at consol.
//programm aborded.
std::cout << "Now again" << endl; // this on is never reached.
return 0;
}
Errormessages:
Signal received: SIGSEGV ( Segmentation fault )
For programm cppapplication_1 pid 7972
You may discard...
Errormessage windows:
cppapplication_1.exe does not work.
Where can I start my serach? Compiler? some dlls? Dependency Walker?
Thx for any comment =).
Cutton
Perl 5.14 source - Sample program failing
I'm trying to execute the below program on Linux 64 with libperl.so built with 5.14 source
and i'm getting an abort in the location
Program terminated with signal 11, Segmentation fault.
#0 0x00002abdc0eb2656 in Perl_sv_2mortal () from ./libperl.so
(gdb) where
#0 0x00002abdc0eb2656 in Perl_sv_2mortal () from ./libperl.so
#1 0x00000000004010ed in PerlPower ()
#2 0x0000000000401335 in main ()
(gdb)
My program:
#include <EXTERN.h>
#include <perl.h>
#include <stdio.h>
static PerlInterpreter *my_perl;
static void PerlPower(int a, int b)
{
dSP; /* initialize stack pointer */
ENTER; /* everything created after here */
SAVETMPS; /* ...is a temporary variable. */
PUSHMARK(SP); /* remember the stack pointer */
XPUSHs(sv_2mortal(newSViv(a))); /* push the base onto the stack */
XPUSHs(sv_2mortal(newSViv(b))); /* push the exponent onto stack */
PUTBACK; /* make local stack pointer global */
call_pv("expo", G_SCALAR); /* call the function */
SPAGAIN; /* refresh stack pointer *
/* pop the return value from stack */
printf("%d to the %dth power is %d.\n", a, b, POPi);
PUTBACK;
FREETMPS; /* free that return value */
LEAVE; /* ...and the XPUSHed "mortal" args. */
}
int main(int argc, char **argv, char **env)
{
char *my_argv[] = { "", "power.pl" };
PERL_SYS_INIT3(&argc, &argv, &env);
my_perl = perl_alloc();
perl_construct(my_perl);
perl_parse(my_perl, NULL, 2, my_argv, (char **)NULL);
PL_exit_flags |= PERL_EXIT_DESTRUCT_END;
perl_run(my_perl);
PerlPower(3, 4);
/*** Compute 3 ** 4 ***/
perl_destruct(my_perl);
perl_free(my_perl);
PERL_SYS_TERM();
}
power.pl contains the below statements
sub expo {
my ($a, $b) = #_;
return $a ** $b;
}
The above sample C and perl program was taken from the link http://perldoc.perl.org/perlembed.html#Evaluating-a-Perl-statement-from-your-C-program
I'm using the below compiler options
Compiler:
cc='cc', ccflags ='-D_REENTRANT -D_GNU_SOURCE -DTHREADS_HAVE_PIDS -DDEBUGGING -fno-strict-aliasing -pipe -Wdeclaration-after-statement -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64',
optimize='-O2 -fmessage-length=0 -Wall -D_FORTIFY_SOURCE=2 -g -Wall -pipe',
cppflags='-D_REENTRANT -D_GNU_SOURCE -DTHREADS_HAVE_PIDS -DDEBUGGING -fno-strict-aliasing -pipe -Wdeclaration-after-statement'
ccversion='', gccversion='4.1.2 20070115 (prerelease) (SUSE Linux)', gccosandvers=''
intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678
d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
ivtype='long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
alignbytes=8, prototype=define
Can you please help me to narrow down the problem?
I got one too, I got the win32 equivalent Faulting application power.exe, version 0.0.0.0, faulting module perl514.dll, version 0.0.0.0, fault address 0x000c155f.
but I also got an error message :)
$ power.exe
Can't open perl script "power.pl": No such file or directory
After copying power.pl from embed it works as expected
$ cat power.pl
sub expo {
my ($a, $b) = #_;
return $a ** $b;
}
$ power.exe
3 to the 4th power is 81.
The problem was while compiling the source i hadn't specified the new 5.14.2 header files location. I copied both the c and perl file to the folder containing new header file of 5.14.2 and compiling with below options resolved the problem
g++ -o test_perl test_perl.c -I . -L . -g perl -MExtUtils::Embed -e ccopts -e ldopts
LD_LIBRARY_PATH=.:LD_LIBRARY_PATH;export LD_LIBRARY_PATH
There is such code:
#include <cstdlib>
#include <clang-c/Index.h>
using namespace std;
int main(int argc, char** argv)
{
CXIndex Index = clang_createIndex(0, 0);
CXTranslationUnit TU = clang_parseTranslationUnit(Index, 0, argv, argc, 0, 0, CXTranslationUnit_None);
for (unsigned I = 0, N = clang_getNumDiagnostics(TU); I != N; ++I)
{
CXDiagnostic Diag = clang_getDiagnostic(TU, I);
CXString String = clang_formatDiagnostic(Diag,
clang_defaultDiagnosticDisplayOptions());
fprintf(stderr, "%s\n", clang_getCString(String));
clang_disposeString(String);
}
clang_disposeTranslationUnit(TU);
clang_disposeIndex(Index);
return 0;
}
And it's compiled with following flags:
g++ main.cpp -g -fno-rtti `llvm-config --cxxflags --ldflags --libs` -lclang -o main
However when I want to run main:
./main
then there is following error:
./main: error while loading shared libraries: libclang.so: cannot open shared object file: No such file or directory
However:
$ sudo find / -name libclang.so
/usr/local/lib/libclang.so
Library seems to be on place. How to run this program?
ldconfig creates the necessary links and cache to the most recent
shared libraries found in the directories specified on the command
line, in the file /etc/ld.so.conf, and in the trusted directories
(/lib and /usr/lib)
Try running /sbin/ldconfig and then if that doesn't work try appending the file /etc/ld.so.conf with "/usr/local/lib" and then run /sbin/ldconfig
Commands:
Run the following command and then try compiling/running again
/sbin/ldconfig
If that doesn't work then do this and then try compiling/running again
echo "/usr/local/lib" >> /etc/ld.so.conf
/sbin/ldconfig
The following program aborts with pointer being freed was not allocated:
#include <boost/program_options.hpp>
int main(int argc, char* argv[])
{
boost::program_options::positional_options_description positional;
return 0;
}
I compiled and linked the program with Boost 1.46.1, which I built myself into /usr/local, on OS X 10.6.7. I can't find any installed libboost_program_options other than the one I'm (supposedly) linking against.
Any idea what causes this crash?
Edit: As for stacktrace, the program
#include <boost/program_options.hpp>
#include <execinfo.h>
int main(int argc, char* argv[])
{
boost::program_options::positional_options_description positional;
void* callstack[128];
int i, frames = backtrace(callstack, 128);
char** strs = backtrace_symbols(callstack, frames);
for (i = 0; i < frames; ++i) {
printf("%s\n", strs[i]);
}
free(strs);
return 0;
}
built as
g++ -Wp,-MMD,.make-debug/main.dd -Wall -g3 -I/usr/local/include -c main.cc -o .make-debug/main.o
g++ -o sandbox .make-debug/main.o -lboost_program_options -L/usr/local/lib
and run as ./sandbox produces the output
0 sandbox 0x00000001000017bf main + 57
1 sandbox 0x0000000100001764 start + 52
2 ??? 0x0000000000000001 0x0 + 1
sandbox(50587) malloc: *** error for object 0x7fff70506500: pointer being freed was not al
located
*** set a breakpoint in malloc_error_break to debug
Command terminated
As for building Boost:
$ cd boost_1_46_1
$ ./bootstrap.sh --prefix=/usr/local
$ ./bjam toolset=darwin-4.2
And here's my ~/user-config.jam:
using darwin : 4.0 : g++-4.0 ;
using darwin : 4.2 : g++-4.2 ;
using darwin : 4.5.1 : /Users/matan/usr/bin/g++ ;
I am unable to reproduce
macmini:stackoverflow samm$ cat po.cc
#include <boost/program_options.hpp>
#include <boost/version.hpp>
#include <iostream>
int
main(int argc, char* argv[])
{
std::cout << BOOST_LIB_VERSION << std::endl;
boost::program_options::positional_options_description positional;
return 0;
}
macmini:stackoverflow samm$ g++ -I /opt/local/include -L/opt/local/lib -lboost_program_options po.cc
macmini:stackoverflow samm$ ./a.out
1_46_1
macmini:stackoverflow samm$
you should update your question with the steps you used to build boost, particularly the arguments to bjam.
I think I resolved the issue, but I'm not happy with my solution. I neglected to mention that I previously installed gcc 4.6.0 with --program-suffix=-4.6 in /usr/local. Uninstalling it and rebuilding Boost solved the issue. I then had no compilers installed other than gcc-4.0 and gcc-4.2 which came with XCode. Presumably gcc-4.6 files interfered with gcc-4.0 files or the darwin toolset.