Disabling ASLR and NX in Linux

For people interested in security topics and want to give a try at buffer overflows and similar vulnerabilities, practicing in your favorite Linux distro is a must. But (un)fortunately Linux comes with some protections activated by default, which makes learning buffer overflows practically impossible for the novice.

The 2 most common protections are ASLR (Address Space Layout Randomization), which randomizes the address space of the program, so stuff is not always in the same address, and the NX bit, which is a hardware-level protection that marks some memory regions as not-executable, such as the stack.

We can deactivate this protections on Linux for our learning purposes. To disable ASLR, you need to put a 0 into /proc/sys/kernel/randomize_va_space. You can go with

sudo -i

which will bring a root console, and then

echo 0 > /proc/sys/kernel/randomize_va_space

This will disable ASLR at kernel level.

For the NX bit, you need to compile your program with the -fno-stack-protector -z execstack GCC flags:

gcc -fno-stack-protector -z execstack -o your_executable your_source.c 

This will require you to install execstack tool that removes the NX bit from executables. I couldn't make it work on already compiled programs, but I didn't try hard enough either.

Have fun with your exploit learning! ;)


Popular Posts