Archive for August, 2010
Examining x86_64 Memory with GDB
-g  Produce debugging information in the operating system's native format (stabs, COFF, XCOFF, or DWARF 2). GDB can work with this debugging information.
set disassembly-flavor intel

GDB accepts the abbreviated form "set dis intel" for the same command. To make Intel syntax the default for every session, put the full command in ~/.gdbinit (note that a single > overwrites any existing .gdbinit; use >> to append to one you already have):

nobody@nobody:~$ echo "set disassembly-flavor intel" > ~/.gdbinit
-q  "Quiet". Do not print the introductory and copyright messages. These messages are also suppressed in batch mode.
nobody@nobody:$ gcc -g hello_world.c
nobody@nobody:$ gdb -q ./a.out
Reading symbols from a.out...done.
(gdb) disass main
Dump of assembler code for function main:
   0x0000000000400524 <+0>:     push   rbp
   0x0000000000400525 <+1>:     mov    rbp,rsp
   0x0000000000400528 <+4>:     mov    edi,0x40062c
   0x000000000040052d <+9>:     call   0x400418 <puts@plt>
   0x0000000000400532 <+14>:    mov    eax,0x0
   0x0000000000400537 <+19>:    leave
   0x0000000000400538 <+20>:    ret
End of assembler dump.
The x command takes the form x/<count><format><unit>. Each unit of memory is read as a little-endian value (on x86_64) and printed in the requested format.

Formats:
  o - octal
  d - signed decimal
  u - unsigned decimal
  x - hexadecimal
  t - binary ("t" for two)
  c - character
  s - null-terminated string
  i - machine instruction

Units:
  b - byte (1 byte)
  h - halfword (2 bytes)
  w - word (4 bytes)
  g - giant word (8 bytes)
(gdb) x/s 0x40062c
0x40062c:       "Hello World!"

(gdb) x/12db 0x40062c
0x40062c:       72      101     108     108     111     32      87      111
0x400634:       114     108     100     33
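To make the count/format/unit mechanics concrete, here is an added example (my own C, not code from the original post or from GDB) that renders a buffer the way x/<count><fmt><unit> would. The sample bytes HELLO are constructed to match the 12 bytes shown at 0x40062c above, and NEG is a constructed buffer for checking signed output; the gdb_* function names are mine. The point a practitioner trips over is visible in the output: x/xw on "Hell" prints 0x6c6c6548, because x86_64 is little-endian and the first byte in memory is the least significant byte of the word.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample input: the same 12 bytes GDB showed at 0x40062c
   (a string literal, not a real memory dump). */
static const unsigned char HELLO[] = "Hello World!";
/* Constructed sample with sign bits set, to exercise the 'd' format. */
static const unsigned char NEG[] = {0xff, 0xff, 0x00, 0x80};

/* GDB unit letters to byte widths: b=1, h=2, w=4, g=8; 0 for anything else. */
size_t gdb_unit_size(char unit) {
    switch (unit) {
    case 'b': return 1;
    case 'h': return 2;
    case 'w': return 4;
    case 'g': return 8;
    default:  return 0;
    }
}

/* Assemble one unit of `size` bytes starting at p, least significant byte
   first (little-endian, as on x86_64). This is why x/xw shows the bytes
   in the opposite order from x/xb. */
uint64_t gdb_load_unit(const unsigned char *p, size_t size) {
    uint64_t v = 0;
    for (size_t i = 0; i < size; i++)
        v |= (uint64_t)p[i] << (8 * i);
    return v;
}

/* Render `count` units of `mem` in x/<count><fmt><unit> style into `out`.
   Formats: x (hex), d (signed decimal), u (unsigned decimal), o (octal),
   t (binary, zero-padded to the unit width like GDB). Addresses are left
   out. Returns the number of units rendered, or -1 on a bad letter or a
   too-small output buffer. */
int gdb_examine(const unsigned char *mem, size_t count, char fmt, char unit,
                char *out, size_t outlen) {
    size_t size = gdb_unit_size(unit);
    if (size == 0 || fmt == '\0' || !strchr("xduot", fmt))
        return -1;
    size_t used = 0;
    for (size_t i = 0; i < count; i++) {
        uint64_t v = gdb_load_unit(mem + i * size, size);
        char item[80];
        int n;
        switch (fmt) {
        case 'x': n = snprintf(item, sizeof item, "0x%" PRIx64, v); break;
        case 'o': n = snprintf(item, sizeof item, "0%" PRIo64, v); break;
        case 'u': n = snprintf(item, sizeof item, "%" PRIu64, v); break;
        case 'd': {
            /* Sign-extend from the unit width, as x/d does. */
            int64_t sv;
            if (size < 8 && ((v >> (8 * size - 1)) & 1))
                sv = -(int64_t)(((uint64_t)1 << (8 * size)) - v);
            else
                sv = (int64_t)v;
            n = snprintf(item, sizeof item, "%" PRId64, sv);
            break;
        }
        default: { /* 't' */
            size_t bits = 8 * size;
            for (size_t b = 0; b < bits; b++)
                item[b] = ((v >> (bits - 1 - b)) & 1) ? '1' : '0';
            item[bits] = '\0';
            n = (int)bits;
        }
        }
        if (n < 0 || used + (size_t)n + 2 > outlen)
            return -1;
        if (i > 0) out[used++] = ' ';
        memcpy(out + used, item, (size_t)n);
        used += (size_t)n;
    }
    out[used] = '\0';
    return (int)count;
}

/* Convenience wrapper for quick checks; uses a static buffer (not reentrant). */
const char *gdb_examine_str(const unsigned char *mem, size_t count, char fmt, char unit) {
    static char buf[512];
    if (gdb_examine(mem, count, fmt, unit, buf, sizeof buf) < 0)
        return NULL;
    return buf;
}

int main(void) {
    printf("x/12db: %s\n", gdb_examine_str(HELLO, 12, 'd', 'b'));
    printf("x/12xb: %s\n", gdb_examine_str(HELLO, 12, 'x', 'b'));
    printf("x/3xw:  %s\n", gdb_examine_str(HELLO, 3, 'x', 'w'));
    printf("x/xg:   %s\n", gdb_examine_str(HELLO, 1, 'x', 'g'));
    printf("x/2dh (NEG): %s\n", gdb_examine_str(NEG, 2, 'd', 'h'));
    return 0;
}
```

When reading pointers or return addresses off the stack with x/xg, the little-endian assembly above is what GDB already did for you; the byte-reversed picture only appears if you dump the same memory with x/xb, which is worth remembering when you hand-build an address inside a payload.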
The string's address is handed to puts by the instruction just before the call, mov edi,0x40062c. Under the System V AMD64 ABI the first integer argument goes in rdi; because this non-PIE binary's addresses fit in 32 bits, the compiler uses a short 32-bit immediate, and a write to edi zero-extends into rdi. The call itself goes through a PLT stub because puts lives in the dynamically linked C library (if hello_world.c calls printf with a constant string ending in a newline, gcc substitutes puts, which is why puts rather than printf appears here):

   0x000000000040052d <+9>:     call   0x400418 <puts@plt>
Environment
I’m pretty comfortable with almost all operating systems. I like to use my MacBook Pro for school, so this is where I’ll be doing the work.
Hacking: The Art of Exploitation comes with a LiveCD based on Ubuntu. All of the examples in the book are therefore targeted towards Linux. I opted to install the latest version of Ubuntu (10.04 at this time) using VirtualBox on the Mac.
Exploit Development
I’ll be blogging about exploit development for a course I’m taking at the University of Utah. It’s an independent study with Dr. Matt Might on security exploits. I’ll be using the following books in the course:
1.)
A comprehensive introduction to the techniques of exploitation and creative problem-solving methods commonly referred to as “hacking.” It shows how hackers exploit programs and write exploits, instead of just how to run other people’s exploits. This book explains the technical aspects of hacking, including stack-based overflows, heap-based overflows, format string exploits, return-into-libc, shellcode, and cryptographic attacks on 802.11b.
2.)
- Examines where security holes come from, how to discover them, how hackers exploit them and take control of systems on a daily basis, and most importantly, how to close these security holes so they never occur again
- A unique author team, a blend of industry and underground experts, explains the techniques that readers can use to uncover security holes in any software or operating system
- Shows how to pinpoint vulnerabilities in popular operating systems (including Windows, Linux, and Solaris) and applications (including MS SQL Server and Oracle databases)
- Details how to deal with discovered vulnerabilities, sharing some previously unpublished advanced exploits and techniques