Practicing buffer overflow attack in Ubuntu - memory

I am trying to learn to use a buffer overflow attack in Ubuntu. Unfortunately, I cannot turn off the Address Space Layout Randomization (ASLR) feature in this OS, which is turned on by default. I have tried a workaround found in some Fedora books:
echo "0" > /proc/sys/kernel/randomize_va_space
but for some reason the protection's still there. Please give me some suggestions. Thanks.
[edit] Actually the above command was not successful, it said "Permission denied", even with sudo. How can I fix that?
[adding] I kept on getting a segmentation fault error when it shows an address in the stack. Is it related to the non-executable stack in Ubuntu :(?

You will need root perms before attempting it, and if I'm not mistaken, to restart once you've done it.
sudo -i
echo "0" > /proc/sys/kernel/randomize_va_space

found it myself
you have to compile this way:
gcc -fno-stack-protector -z execstack -o OUTPUT INPUT.c

To echo to files with root access using sudo you can use the following command:
echo "0" | sudo tee /proc/sys/kernel/randomize_va_space

gcc compile with -fno-stack-protector

You can turn off ASLR for a particular process by launching it with setarch.
For 32 bit programs:
setarch i386 -R yourProgram
For 64 bit programs:
setarch x86_64 -R yourProgram
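As an added example (not from the question or any of the answers above), a small /bin/sh script that checks which of the three protections the answers deal with is actually in effect: the system-wide ASLR sysctl, the executable-stack flag set by -z execstack, and the stack protector removed by -fno-stack-protector. The same checks, read the other way, confirm that a production binary still has all of them on. It assumes Linux /proc and binutils (readelf, nm) for the live checks; the sample lines at the bottom are constructed so the parsing functions can be exercised offline.

```shell
#!/bin/sh
# Added example: report the mitigation state a stack-overflow lab depends on.
# Assumes Linux /proc and binutils (readelf, nm) for the live checks.

# Meaning of /proc/sys/kernel/randomize_va_space, as documented by the kernel.
aslr_mode_name() {
    case "$1" in
        0) echo "disabled" ;;
        1) echo "stack, mmap and vdso randomised, brk fixed" ;;
        2) echo "full (stack, mmap, vdso and brk)" ;;
        *) echo "unknown" ;;
    esac
}

# Live value; /proc is world-readable even though writing to it needs root.
current_aslr_mode() {
    cat /proc/sys/kernel/randomize_va_space 2>/dev/null || echo "unknown"
}

# Reads `readelf -lW BINARY` on stdin. The GNU_STACK program header's flags
# column (field 7) is RWE only when the binary was linked with -z execstack.
stack_exec_from_readelf() {
    awk '$1 == "GNU_STACK" { found = 1
                             if ($7 ~ /E/) print "executable"; else print "non-executable" }
         END { if (!found) print "no GNU_STACK header" }'
}

# Reads `nm BINARY` on stdin. A reference to __stack_chk_fail means the stack
# protector is compiled in, i.e. -fno-stack-protector was NOT used.
canary_from_nm() {
    if grep -q '__stack_chk_fail'; then echo "stack protector on"; else echo "stack protector off"; fi
}

# Constructed sample lines (not taken from a real binary) for offline use.
SAMPLE_GNU_STACK_RWE='  GNU_STACK      0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RWE 0x10'
SAMPLE_GNU_STACK_RW='  GNU_STACK      0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RW  0x10'
SAMPLE_NM_CANARY='                 U __stack_chk_fail@GLIBC_2.4'

# Live report for a binary given as $1, e.g. the OUTPUT built as in the answers.
report() {
    echo "ASLR: $(aslr_mode_name "$(current_aslr_mode)")"
    echo "Stack of $1: $(readelf -lW "$1" | stack_exec_from_readelf)"
    echo "Canary in $1: $(nm "$1" | canary_from_nm)"
}
```

Run `report ./OUTPUT` after compiling; if any line does not say what you expect (ASLR disabled, stack executable, stack protector off), the segmentation faults come from the protection rather than from the exercise itself.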

Related

How do I resolve this OSError: [Errno 48] Address already in use error while working with the byob botnet on GitHub?

(I have seen other solutions to "Errno 48" issues on StackOverflow, but none have been successful yet.)
I am trying to develop a botnet using byob on github here: https://github.com/malwaredllc/byob
I am encountering an address in use error every time I run the command sudo ./startup.sh. It returns OSError: [Errno 48] Address already in use.
However when I attempt to use the ps -fA | grep python and kill the associated 502 18126 16973 0 9:16PM ttys000 0:00.00 grep python by using kill -9 181216, I get this error: kill: kill 18126 failed: no such process.
Does anyone have any idea what to do?
I am using a "MacOS M1Pro Chip OS V12.0.1 Monterey". Also the program byob is trying to run on port 5000 of IPv4 127.0.0.1 (this is a generic IP not specifically mine). http://127.0.0.1/5000.
In case you try to duplicate the problem you need to install docker.io or the Docker Desktop app depending on OS, then navigate to cd <outer-dir>/byob-master/web-gui, then execute sudo ./startup.sh. The code will not work without access to docker, and the program needs to be run with admin perms using the prefix sudo. The actual downloads take a while and it will prompt you to restart once. Then when you run it again, I encounter this problem...
Please let me know if someone was able to fix this. Thanks!

Listen error: unable to monitor directories for changes

I am getting the following error while running my rails app on an Ubuntu server:
FATAL: Listen error: unable to monitor directories for changes. Visit
https://github.com/guard/listen/wiki/Increasing-the-amount-of-inotify-watchers
for info on how to fix this.
I have followed the above GitHub page, but I was unable to write to max_user_watches, which was set to 8192, and I want to set it to 524288.
In cat /proc/sys/fs/inotify/max_user_watches the file was in read-only mode. I tried to grant write permissions, but I was getting a permission denied error even with root access.
Thanks in Advance!!!
1000 is way too small, try with 524288 as explained in the wiki page: https://github.com/guard/listen/blob/master/README.md#increasing-the-amount-of-inotify-watchers
Listen uses inotify by default on Linux to monitor directories for
changes. It's not uncommon to encounter a system limit on the number
of files you can monitor. For example, Ubuntu Lucid's (64bit) inotify
limit is set to 8192.
and
If you are running Debian, RedHat, or another similar Linux
distribution, run the following in a terminal:
echo fs.inotify.max_user_watches=524288 | sudo tee -a /etc/sysctl.conf && sudo sysctl -p
If you are running ArchLinux, run the following command instead
echo fs.inotify.max_user_watches=524288 | sudo tee /etc/sysctl.d/40-max-user-watches.conf && sudo sysctl --system
Just try to execute this from your console
echo fs.inotify.max_user_watches=524288 | sudo tee -a /etc/sysctl.conf && sudo sysctl -p
Hope this will work for you.
For others who may have this issue. I had a VM disconnect which left the previous rails server running. Running the below resolved the issue without needing to up the number of watchers.
kill -9 $(lsof -i tcp:3000 -t)
In my case, I just need to turn off the terminal and then start it back again. It works when I try to run rails c command :)
Deleting Gemfile.lock and running 'bundle' in the project directory terminal worked for me.
This error occurred for me as I had a number of ruby processes currently running that I was unaware of. Just need to terminate them and all is good
I had this issue during development while running rake (even with rake -h), and the solution from https://github.com/guard/listen/wiki/Increasing-the-amount-of-inotify-watchers did not work, neither did killing the running ruby processes, killing the terminal or even restarting the computer.
To avoid this error I did a new and clean clone of my project and then rake was working (maybe git clean -fdx could have worked but I did not try it).
I was running rake version 13.0.3, rails 6.1.1, ruby 2.7.2p137.
Adding to #mayur-shah's answer,
It worked for me after closing the server and console. So, if you are running rails server/console, close that first.
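Several answers above fixed the error not by raising the limit but by killing a forgotten rails server, console or rake process. As an added example (not from the question or any answer), this /bin/sh script shows why that works: it counts the inotify watches each process is holding, so you can see whether the limit is really exhausted and by whom before editing sysctl.conf. It assumes Linux, where each watch a process holds appears as an "inotify wd:..." line in /proc/PID/fdinfo/FD; the fdinfo contents used in the test are constructed.

```shell
#!/bin/sh
# Added example: who is consuming the inotify watches, and what is the limit?
# Assumes Linux /proc. Non-root users only see their own processes' fdinfo,
# which is enough for the usual "my own stale rails server" case.

# Number of watches recorded in one fdinfo file (0 if unreadable or not an
# inotify descriptor). Each watch is one line starting with "inotify wd:".
count_watches_in_fdinfo() {
    [ -r "$1" ] || { echo 0; return 0; }
    awk '/^inotify / { n++ } END { print n + 0 }' "$1"
}

# Per-process totals, largest first: "<watches> <pid> <command name>".
watches_per_process() {
    for proc in /proc/[0-9]*; do
        total=0
        for fd in "$proc"/fdinfo/*; do
            total=$(( total + $(count_watches_in_fdinfo "$fd") ))
        done
        if [ "$total" -gt 0 ]; then
            echo "$total ${proc#/proc/} $(cat "$proc/comm" 2>/dev/null)"
        fi
    done | sort -rn
}

# The system-wide per-user limit the Listen wiki page tells you to raise.
inotify_limit() {
    cat /proc/sys/fs/inotify/max_user_watches 2>/dev/null || echo unknown
}

# Human-readable summary: limit first, then the top consumers.
summary() {
    echo "fs.inotify.max_user_watches = $(inotify_limit)"
    watches_per_process | head -n 10
}
```

If one stale ruby process sits at the top of the list holding most of the budget, stopping it (as the answers above did) frees the watches; if the watches are spread across processes you genuinely need, raise the sysctl as the wiki page says.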

msp430 flasher in Contiki (exp5438 uploading)

I'm trying to upload the blink.c file in Contiki on an exp5438 board. I'm running Instant Contiki 2.6 on my MacBook inside VirtualBox.
When I try to do the upload to the board, it gives me this error for the msp430 flasher! Is there a work around which can help me run the blink program on the board? I'm really pulling my hair out on this. :D
msp430flasher -n msp430x5438a -e ERASE_MAIN -w blink.hex -v -z [VCC]
/bin/sh: 1: msp430flasher: not found
make: *** [test-blink.upload] Error 127
Help appreciated!
You need to install the MSP430Flasher tool from TI (available for win32 and linux), and also of course an MSP430 FET programmer: http://processors.wiki.ti.com/index.php/MSP430_Flasher_-_Command_Line_Programmer
You might also need to edit the platform/exp5438/Makefile.exp5438 file and change the msp430flasher commands at the bottom to MSP430Flasher (mind the case sensitivity!).

I am running tar xzvfredhawk-yum-1.8.4-el6-i686.tar.gz and the terminal freezes.

I am new to CentOS6 as well as Redhawksdr, and I am trying to run the tar xzvfredhawk-yum-1.8.4-el6-i686.tar.gz instruction on page 24, section 2.3 and my terminal freezes. Anyone know what is wrong and how to fix it?
Try checking to see if yum is being locked by something else (though an error should be produced if this were the case):
ps aux | grep yum
If something else is locking yum, try killing it.
Also, take a look at your repositories in /etc/yum.repos.d. Are there any IP addresses in there that might cause a timeout? Try pinging any IPs that are in there: if you can't ping, remove them from /etc/yum.repos.d (do this by saving the file off somewhere else).
If neither of those work, please post the exact syntax you are using. If yum is waiting on an input, it will freeze (e.g., if the answer to David Duncan's question is "no", that would be your problem).
user2062950: I am assuming user2643765 is referring to section 2.3 of the REDHAWK user manual.
Please try this:
go to the location where the tar file is present, then run the following command:
tar xzvf redhawk-yum-1.8.4-el6-i686.tar.gz -C target_location

find a command on $PATH

I'm writing a script, and I need to look up a command on the user's $PATH and get the full path to the command. The problem is that I don't know what the user's login shell is, or what strange stuff might be in their dot files. I'm using the Bourne shell for my simple little script because it needs to run on some older Solaris platforms that might not have bash.
Some implementations of "which" and "whence" will source the user's dot files, and that isn't really portable to all users. I'd love a simple UNIX utility that would just do the basic job of scanning PATH for an executable and reporting the full path of the first match.
But I'll settle for any /bin/sh solution that is stable for all users.
I'm looking for a solution that is better than writing my own /bin/sh loop that chops up $PATH and searches it one entry at a time. It would seem that this is common enough that there should be a reusable way to do it.
My first approximation of the "long way" is this:
IFS=:
for i in $PATH; do
    # quote the expansion so directories containing spaces do not split
    if [ -x "$i/$cmd" ]; then
        echo "$i/$cmd"
    fi
done
Is there something simpler and portable?
The answer seems to be the 'type' built-in.
% /bin/sh
$ type ls
ls is /bin/ls
Maybe the whereis command will work for you?
whereis -b -B `echo $PATH | sed 's/:/ /g'` -f [commands]
e.g. on my computer, this works:
whereis -b -B `echo $PATH | sed 's/:/ /g'` -f find man fsc
And results in:
find: /usr/bin/find
man: /usr/bin/man
fsc: /opt/FSharp-2.0.0.0/bin/fsc.exe /opt/FSharp-2.0.0.0/bin/fsc
One caveat from the whereis man page:
Since whereis uses chdir(2V) to run faster, pathnames given
with the -M, -S, or -B must be full; that is, they must begin
with a `/'.
This question is answered in details here: https://unix.stackexchange.com/questions/85249/why-not-use-which-what-to-use-then. Bottom line: use command -v ls.
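As an added example (not from the question or any answer), here is what the "long way" looks like when written with the shell's own PATH semantics, for scripts that cannot trust `which`, `whence` or a user's dot files: every expansion is quoted, an empty PATH element is treated as the current directory, and only regular files with the execute bit count, so an executable directory of the same name is skipped. The optional second argument is an assumption of this example (the question's loop only reads $PATH) so the lookup can be tested against a constructed search list.

```shell
#!/bin/sh
# Added example: a pure /bin/sh PATH search that never sources dot files.
# path_lookup NAME [SEARCHLIST]  -> prints the first match, exit 1 if none.
path_lookup() {
    cmd=$1
    # Search a caller-supplied colon list if given (assumption of this
    # example, handy for testing), otherwise the real $PATH. The trailing
    # ':' lets the loop below consume the last element like the others.
    rest=${2-$PATH}:
    while [ -n "$rest" ]; do
        dir=${rest%%:*}
        rest=${rest#*:}
        # An empty element ("::", leading or trailing ':') means the
        # current directory, as in the shell's own search.
        [ -z "$dir" ] && dir=.
        candidate=$dir/$cmd
        # -f rejects directories; -x rejects files without execute permission.
        if [ -f "$candidate" ] && [ -x "$candidate" ]; then
            printf '%s\n' "$candidate"
            return 0
        fi
    done
    return 1
}
```

On a shell that is known to be a proper /bin/sh, `command -v NAME` does the same job in one line, as the last answer says; the function above is for the case where that cannot be relied on.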
