News: 11 March 2016 - Forum Rules

Author Topic: Program abortion due to superior C compiler  (Read 7176 times)

InfamousKnight

  • Sr. Member
  • ****
  • Posts: 321
    • View Profile
Program abortion due to superior C compiler
« on: November 22, 2013, 03:56:48 pm »
I really don't like it when an OS has so much security that it takes the hacking away. As we all know(and should know) that hacking isn't bad or illegal it just depends on how you use it.

My definition of hacking is: Using technology for purposes other than what it was meant for.

Anyways, I tried doing some testing with smashing stacks with input functions that don't check bounds such as the gets function and the program that ran knew there was a buffer overrrun(as far as I know. idk if it was the OS) and it just aborted the program saying "***stack smashing detection*** aborting program. I just got really ticked that its so secure these days. I just get mad when theres some security flaw that can be used for good reason or bad reasons and they remove it.

I could give a lot of examples right now but you get the point.

Oh, and I'm running linux mint 15 when I did this.

Note: The idea of this came from an exploit for the original xbox that a game called Splinter cell had some vulnerable in the game where it might have used gets or some xbox api function that doesn't check bounds either. Usually it was loaded by using save files that were bigger than they should have been aka shellcode inserted.
« Last Edit: November 22, 2013, 05:06:24 pm by InfamousKnight »

FAST6191

  • Hero Member
  • *****
  • Posts: 3357
    • View Profile
Re: Program abortion due to superior C compiler
« Reply #1 on: November 22, 2013, 05:42:30 pm »
Windows and raw sockets I might have seen and could stand to at least listen to a rant on, can't say I am all that upset about something stepping in when the program fails bounds checking. About the worst I can see it doing is messing up some old real mode dos stuff or maybe TSR stuff (the answer to both of which is typically "use dosbox", in a pinch I might listen to something about it making the compilation longer and the result bigger and slightly slower. However having lived through windows 95 and similar such things where checking and the like would have slowed everything to a crawl and the rather crash prone nature of things there I am certainly in no hurry to go back.

InfamousKnight

  • Sr. Member
  • ****
  • Posts: 321
    • View Profile
Re: Program abortion due to superior C compiler
« Reply #2 on: November 22, 2013, 05:56:34 pm »
I would have to admit this "rant" wasn't very funny but it was pretty funny if you think about it. Basically what I was doing was trying to cause a hack(something not intended to happen by the maker) and get something not intended for the so called "hacker". That's pretty much the jist of the joke.

Bregalad

  • Hero Member
  • *****
  • Posts: 2763
    • View Profile
Re: Program abortion due to superior C compiler
« Reply #3 on: November 23, 2013, 04:32:38 am »
So basically you're writing terrible programs and then you blame the OS because it don't allow you to do what you want ?!

InfamousKnight

  • Sr. Member
  • ****
  • Posts: 321
    • View Profile
Re: Program abortion due to superior C compiler
« Reply #4 on: November 23, 2013, 06:49:18 am »
So basically you're writing terrible programs and then you blame the OS because it don't allow you to do what you want ?!

It was really a test. I used gets because thats the only function I know that doesn't check bounds. And I blame the OS because on windows this actually would work. Not sure if its really my compiler though. I'm using gcc to compile it.

The test was to see buffer overruns. I just copied the example code from some cplusplus site.

BRPXQZME

  • Hero Member
  • *****
  • Posts: 4572
  • じー
    • View Profile
    • The BRPXQZME Network
Re: Program abortion due to superior C compiler
« Reply #5 on: November 23, 2013, 07:10:51 am »
Had you used Google, you would have quickly found the compiler flag to disable GCC’s stack protection.

That said, there is very little good about smashable stacks; I’m afraid your disappointment is a small price to pay for a safer software ecosystem.
we are in a horrible and deadly danger

InfamousKnight

  • Sr. Member
  • ****
  • Posts: 321
    • View Profile
Re: Program abortion due to superior C compiler
« Reply #6 on: November 23, 2013, 07:41:39 am »
Had you used Google, you would have quickly found the compiler flag to disable GCC’s stack protection.

That said, there is very little good about smashable stacks; I’m afraid your disappointment is a small price to pay for a safer software ecosystem.

They actually have a flag to disable that? I wouldn't have even thought of that to be honest. I'll google it..

Revenant

  • Full Member
  • ***
  • Posts: 206
    • View Profile
Re: Program abortion due to superior C compiler
« Reply #7 on: November 24, 2013, 11:30:55 am »
It was really a test. I used gets because thats the only function I know that doesn't check bounds. And I blame the OS because on windows this actually would work. Not sure if its really my compiler though. I'm using gcc to compile it.

Using gcc on Windows will give you exactly the same results. Sorry!

edit: or maybe not, I probably hallucinated MinGW using glibc instead of msvcrt or something. Anyway, stop writing shitty code
« Last Edit: November 24, 2013, 11:41:06 am by Revenant »

cret

  • Jr. Member
  • **
  • Posts: 75
    • View Profile
Re: Program abortion due to superior C compiler
« Reply #8 on: December 18, 2013, 02:58:12 am »
don't use microsucks-products!!!

That sounds all like stack-canaries to me, look at the stack via gdb or better https://github.com/radare/radare2

what about gcc -fno-stack-protector ?
http://www.phrack.org/issues.html?issue=56&id=5 <--read this

maybe, it would be good to disable ASLR (ok, its not hard to break, but this could make it easier) : sudo echo "0" > /proc/sys/kernel/randomize_va_space this value is going to be reset after reboot

this might be interresting too: http://linux.die.net/man/8/execstack

hack fun


ps: you can even use cc instead of gcc, cc shouldn't have stackprotection


@BRPXQZME: "I’m afraid your disappointment is a small price to pay for a safer software ecosystem." WTF, a user should controle his machine, and if the user wants no canaries, there shouldnt be canaries. By the way, this is not really secure, once I wrote a program, that bypassed aslr in 18 minutes https://wk3.org/posts/730391
And even stack-canaries can be bypassed if a programmer uses printf(s); for example https://wk3.org/uploads/images/scaled_full_d9742473744565fda937.png
and what about overwriting the .dtor ?
« Last Edit: December 18, 2013, 03:23:14 am by cret »
go r2, use debug. .... White hand was fainted

BRPXQZME

  • Hero Member
  • *****
  • Posts: 4572
  • じー
    • View Profile
    • The BRPXQZME Network
Re: Program abortion due to superior C compiler
« Reply #9 on: December 18, 2013, 03:13:39 am »
This thread was almost dead.

THIS THREAD WAS ALMOST DEAAAAD
we are in a horrible and deadly danger

cret

  • Jr. Member
  • **
  • Posts: 75
    • View Profile
Re: Program abortion due to superior C compiler
« Reply #10 on: December 18, 2013, 03:27:51 am »
Burried alive
go r2, use debug. .... White hand was fainted

BRPXQZME

  • Hero Member
  • *****
  • Posts: 4572
  • じー
    • View Profile
    • The BRPXQZME Network
Re: Program abortion due to superior C compiler
« Reply #11 on: December 18, 2013, 10:09:16 am »
WTF, a user should controle his machine, and if the user wants no canaries, there shouldnt be canaries.
A user should also know what the hell they’re doing. Someone who can’t look up the compiler flag from the given error alone doesn’t.

For the record, I would not hand a firearm to someone who can’t tell whether the safety is on or off, either.
we are in a horrible and deadly danger

cret

  • Jr. Member
  • **
  • Posts: 75
    • View Profile
Re: Program abortion due to superior C compiler
« Reply #12 on: December 18, 2013, 10:49:20 am »
pain makes them learning, so its their fault if they crash their system. You're right, refering to a firearm.
go r2, use debug. .... White hand was fainted

henke37

  • Hero Member
  • *****
  • Posts: 643
    • View Profile
Re: Program abortion due to superior C compiler
« Reply #13 on: December 19, 2013, 07:46:20 pm »
The problem is that it's not their own system that they end up writing code for. They let others "experience" their "work".

cret

  • Jr. Member
  • **
  • Posts: 75
    • View Profile
Re: Program abortion due to superior C compiler
« Reply #14 on: December 20, 2013, 09:42:13 am »
thats just what nintendo did on pokemon, after all its a big fun to do ingame-hacking.

Well, you should look at the source, sometimes
go r2, use debug. .... White hand was fainted