BOF
- https://www.atmarkit.co.jp/ait/articles/1409/22/news010.html
- ROP(Return-oriented Programming)
- Use-After-Free
- https://www.ipa.go.jp/security/awareness/vendor/programmingv2/contents/c905.html
- Buffer Over Flow
- ASLR
- カナリア(stack canary) SSP (Stack Smashing Protector)
- -fstack-protector
- -fno-stack-protector
- -fstack-protector-all
- ASLR、DEP、FullRELRO有効、SSP、PIE
- DEP【Data Execution Prevention】
- PIC, PIE
PIC (Position Independent Code)
ASLR (Address Space Layout Randomization)
sysctl -w kernel.randomize_va_space=0 sysctl -w kernel.randomize_va_space=2
KASLR : カーネルの位置をランダム化したもの
- -fno-stack-protector -z execstack
Counter: 288,
today: 2,
yesterday: 2
最終更新: 2020-01-06 (月) 09:55:16 (JST) (1565d) by iseki