depornodep-aslr.c
#include <signal.h>
#include <errno.h>
#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>
/*
 * Probe byte in the initialised-data segment. 0xCC is the one-byte x86
 * INT3 (breakpoint) opcode; the DEP probe later calls this address as code.
 */
char datavar = '\xcc';

/* Signature used when a probe address is called as a function. */
typedef void (*func_t)(void);

/*
 * One sample address per memory region, as reported by a single process.
 * The struct is sent raw over a pipe, so both sides must agree on the
 * layout; keep the field order as it is.
 */
typedef struct
{
    void *code;
    void *data;
    void *heap;
    void *ldso;
    void *libc;
    void *stack;
} aslrtest_t;

/* Bit flags: a set bit means that region's address changed between runs. */
enum {
    CODE  = 1 << 0,
    DATA  = 1 << 1,
    HEAP  = 1 << 2,
    LDSO  = 1 << 3,
    LIBC  = 1 << 4,
    STACK = 1 << 5
};
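/*
 * Return the load address of the dynamic linker (the AT_BASE entry of the
 * ELF auxiliary vector), or NULL when the vector has no such entry.
 *
 * On Linux the auxiliary vector is laid out directly after the NULL that
 * terminates envp, as a sequence of (type, value) word pairs ending with a
 * pair whose type is AT_NULL (0).
 *
 * The previous version stepped through envp two slots at a time (which can
 * jump over the terminator), looped *while* the type equalled 7 instead of
 * until it did, and returned the address of a stack slot rather than the
 * value stored in it. The "ldso" sample therefore tracked stack
 * randomisation, not the linker's.
 *
 * envp must be the pointer the kernel handed to main(); the words after its
 * terminator are read as auxv entries.
 */
void *get_ldbase(char *envp[])
{
    enum { AUXV_AT_NULL = 0, AUXV_AT_BASE = 7 };
    const long *p = (const long *)envp;

    /* Skip the environment one entry at a time so the terminator is never missed. */
    while (*p != 0) {
        p++;
    }
    p++; /* first auxv pair */

    for (; p[0] != AUXV_AT_NULL; p += 2) {
        if (p[0] == AUXV_AT_BASE) {
            return (void *)p[1];
        }
    }

    /* No AT_BASE entry (NOTE(review): presumably a static binary - confirm). */
    return NULL;
}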
/*
 * Child-side reporter: collect one address from each memory region of this
 * process, write the raw aslrtest_t to file descriptor 1 and exit.
 * Never returns.
 */
void write_aslr(char *envp[])
{
    char stackvar;
    aslrtest_t sample;

    sample.code  = write_aslr;        /* an address inside the program text */
    sample.data  = &datavar;          /* initialised data */
    sample.heap  = malloc(1);         /* never freed: the process exits below */
    sample.ldso  = get_ldbase(envp);
    /* NOTE(review): errno is thread-local under glibc, so this address may
     * lie in the TLS block rather than in libc's own mapping - confirm. */
    sample.libc  = &errno;
    sample.stack = &stackvar;         /* a local in this frame */

    write(1, &sample, sizeof(sample));
    exit(0);
}
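/*
 * Re-execute progname ten times with an empty argv, read the aslrtest_t each
 * child writes to its stdout, and compare every sample with the first one.
 *
 * Returns a bitmask of CODE/DATA/HEAP/LDSO/LIBC/STACK; a set bit means that
 * region's address differed in at least one run, i.e. it is randomised.
 *
 * Failures of pipe(), fork(), exec or the read are fatal: the previous
 * version ignored them and went on to compare uninitialised memory, could
 * block forever in read() because the parent kept the write end open, and
 * let a child whose exec failed fall through into the parent's loop.
 *
 * NOTE: Linux 5.18 and later replace an empty argv with a single empty
 * string, so the re-executed program may see argc == 1 and argv[0] == ""
 * instead of argc == 0. The program must treat both as "child mode",
 * otherwise every child repeats this loop and spawns children of its own.
 */
int get_aslr(char *progname)
{
    aslrtest_t first, cur;
    int ret = 0;

    for (int i = 0; i < 10; i++) {
        int fds[2];
        pid_t pid;
        size_t got = 0;

        /* One pipe per run, so EOF is seen if the child dies without writing. */
        if (pipe(fds) < 0) {
            perror("pipe");
            exit(EXIT_FAILURE);
        }

        pid = fork();
        if (pid < 0) {
            perror("fork");
            exit(EXIT_FAILURE);
        }

        if (pid == 0) {
            /* Child: stdout becomes the pipe, then re-exec with an empty argv. */
            if (dup2(fds[1], 1) < 0) {
                _exit(127);
            }
            close(fds[0]);
            close(fds[1]);
            execlp(progname, (char *)NULL);
            _exit(127); /* exec failed: never continue as a second parent */
        }

        /* Parent: drop the write end so read() can observe end-of-file. */
        close(fds[1]);
        while (got < sizeof(cur)) {
            ssize_t n = read(fds[0], (char *)&cur + got, sizeof(cur) - got);
            if (n < 0 && errno == EINTR) {
                continue;
            }
            if (n <= 0) {
                break;
            }
            got += (size_t)n;
        }
        close(fds[0]);
        waitpid(pid, NULL, 0);

        if (got != sizeof(cur)) {
            fprintf(stderr, "get_aslr: child did not report its addresses\n");
            exit(EXIT_FAILURE);
        }

        if (i == 0) {
            first = cur;
        }

        ret |= (first.code  != cur.code  ? CODE  : 0) |
               (first.data  != cur.data  ? DATA  : 0) |
               (first.heap  != cur.heap  ? HEAP  : 0) |
               (first.libc  != cur.libc  ? LIBC  : 0) |
               (first.ldso  != cur.ldso  ? LDSO  : 0) |
               (first.stack != cur.stack ? STACK : 0);
    }

    return ret;
}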
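/*
 * Signal handler for the DEP probe. SIGTRAP means the 0xCC probe byte was
 * actually executed, so the region is executable ("[NO DEP]"); any other
 * signal this handler is installed for is reported as "[DEP]".
 *
 * Only async-signal-safe calls are used. The previous printf()/exit() pair
 * is not safe inside a handler, and exit() would also flush any stdio data
 * the forked child inherited from its parent, printing it twice.
 */
void depornodep(int sig)
{
    static const char no_dep[] = "[NO DEP]\n";
    static const char dep[] = "[DEP]\n";
    const char *msg = dep;
    size_t len = sizeof(dep) - 1;
    ssize_t rc;

    if (sig == SIGTRAP) {
        msg = no_dep;
        len = sizeof(no_dep) - 1;
    }

    rc = write(STDOUT_FILENO, msg, len);
    (void)rc; /* nothing useful can be done about a failed write here */
    _exit(0);
}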
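/*
 * Probe whether the memory at itsatrap is executable: store the x86 INT3
 * opcode (0xCC) there, fork, and let the child call that address. The
 * child's SIGTRAP/SIGSEGV handler prints the verdict and exits with 0.
 *
 * "[UNKNOWN]" is printed when no verdict could be produced: itsatrap is
 * NULL (for example a failed malloc), fork() failed, or the child ended any
 * other way than a clean exit. Previously a NULL pointer faulted in the
 * parent, whose SIGSEGV handler then reported a misleading "[DEP]", and a
 * child that returned from the probe kept running the caller's code.
 *
 * x86-specific: 0xCC is only a breakpoint instruction on x86/x86-64.
 */
void try_depornodep(char *itsatrap)
{
    int status = 0;
    pid_t pid;

    if (itsatrap == NULL) {
        printf("[UNKNOWN]\n");
        return;
    }

    func_t trap = (func_t)itsatrap;
    *itsatrap = '\xcc';

    /* Keep buffered output from being duplicated in the child. */
    fflush(stdout);

    pid = fork();
    if (pid == 0) {
        trap();
        _exit(1); /* the probe returned without raising a signal */
    }

    if (pid < 0 || waitpid(pid, &status, 0) < 0 ||
        !WIFEXITED(status) || WEXITSTATUS(status) != 0) {
        printf("[UNKNOWN]\n");
    }
}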
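/*
 * Report, for each memory region of this program, whether its address is
 * randomised between runs (ASLR) and, for data, heap and stack, whether the
 * region is executable (DEP/NX).
 *
 * The program re-executes itself with an empty argv to collect address
 * samples. A process started that way only writes its sample and exits.
 * Older kernels deliver argc == 0 in that case; Linux 5.18 and later
 * substitute a single empty string, so argv[0] == "" is accepted as well.
 * Checking argc == 0 alone makes every child run the full test again on
 * such kernels and spawn children without bound.
 */
int main(int argc, char *argv[], char *envp[])
{
    char stackvar;
    char *progname = argv[0];
    int child_mode = (argc == 0) ||
                     (argc == 1 && argv[0] != NULL && argv[0][0] == '\0');

    if (child_mode) {
        write_aslr(envp); /* does not return */
    }

    /* Prefer the kernel's link to our own image over whatever argv[0] says. */
    if (access("/proc/self/exe", F_OK) == 0) {
        progname = "/proc/self/exe";
    }

    /* The DEP probes below rely on these handlers to print the verdict. */
    signal(SIGTRAP, depornodep);
    signal(SIGSEGV, depornodep);

    int aslr = get_aslr(progname);

    /* Lines ending in a space are completed by the DEP probe's own output,
     * so stdout is flushed before each probe forks. */
    printf("Code: %s\n", aslr & CODE ? "[ASLR]" : "[NO ASLR]");

    printf("Data: %s ", aslr & DATA ? "[ASLR]" : "[NO ASLR]");
    fflush(stdout);
    try_depornodep(&datavar);

    printf("Linker: %s\n", aslr & LDSO ? "[ASLR]" : "[NO ASLR]");
    printf("Libc: %s\n", aslr & LIBC ? "[ASLR]" : "[NO ASLR]");

    printf("Heap: %s ", aslr & HEAP ? "[ASLR]" : "[NO ASLR]");
    fflush(stdout);
    try_depornodep(malloc(1));

    printf("Stack: %s ", aslr & STACK ? "[ASLR]" : "[NO ASLR]");
    fflush(stdout);
    try_depornodep(&stackvar);

    return 0;
}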