4 replies to this topic

[s3gf4ult]

I'm trying to learn about executing instructions on the stack, however I am having some issues with doing so and I want to determine if the stack on my system is non-executable. How can I determine this? Is there a setting in the kernel for this that I can change. I'm running an x86 version of the 2.6.36 linux kernel, arch linux specifically.

[s3gf4ult]

Does nobody know or did I post in the wrong forums?

[RhetoricalRuvim]

If it is about the processor you could try reading the Intel Architecture Software Developer's Manual. I am not very sure how you try to execute instructions on the stack, though.

[s3gf4ult]

Well I think I found out how to determine if the stack is non executable if your running a linux system. You simply run "cat /proc/(pid of any process)/maps and that show you the virtual memory usage and the permissions, and in my case the stack does not have the execution permission bit set, so I am assuming this means it is not executable. Now I am trying to allow my stack to be executable on my system but can't figure it out.

To answer your questions about executing instructions on the stack, if you a buffer that can be overflowed for example, and you know the layout of the stack you can overwrite the return address pointer to point to some address in the stack which you put a machine instruction in there that can then be run.

[RhetoricalRuvim]

I think this might have something to do with the protected mode descriptor tables, for the program, but I don't know how to allow the stack to be executed.