Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: libc re-bassing
Top Forums UNIX for Dummies Questions & Answers libc re-bassing Post 302177902 by s4g3 on Monday 24th of March 2008 02:59:57 AM
Old 03-24-2008
And now for your question:

every program that you execute has two basic portions:
1 - code section
2 - data section
well there are more sections but if i start explaining, i will have to devote the whole day
code section is the section that the processor executes - i mean the instructions
and data section is where all the data is stored like integer values, constants and stuff - this is also called text section

libc addresses get randomized because of various factors like the amount of space that kernel occupys in the RAM or RAM size itself, when libc is loaded, etc
.text will be static - coz its the text section devoted for storing data. Remember every process has a certain portion of memory reserved for it?
You say .text is static because you are actually calculating the offset address from where the code starts in the memory. In real if you calculate .text will be in different parts of memory in each and every computer

Now please explain me: what does egress has to do with it? I mean egress is a packet filtering tool as far as my knowledge goes. How would it scan the computer's memory and find out about this? If you are sending some sort of shell code to spawn a remote shell egress CANNOT detect it. well it can if it start comparing the text segement offset address from the packet's beginning. but a normal filter like egress cannot do that.This is the job of an IDS (snort?)

If you really want deeper knowledge in this field about bypassing firewalls or IDS check out phrack.org. Sorry i cannot provide you with the exact link as i dont access phrack from work (they are kind of picky)

BTW langley cyber attack was a DDOS attack and not targeted on libc though.

~s4g3
 

8 More Discussions You Might Find Interesting

1. Programming

xldb WARNING: libC.a(ansi_32.o) has been stripped

Hi, When i start the Debugger i get this warning: xldb WARNING: /usr/lpp/xlC/lib/libC.a(ansi_32.o) has been stripped. anyone know what this warning means? xldb is a Debugger under AIX. Lazzar (2 Replies)
Discussion started by: Lazzar
2 Replies

2. Programming

path for libc.a

how can i determine the path for libc.a? i wonder where it is located in my unix machine (1 Reply)
Discussion started by: gfhgfnhhn
1 Replies

3. AIX

Problem restoring libc.a (AIX 5.3)

Hi, The symbolic link from /usr/lib/libc.a to /usr/ccs/lib/libc.a was deleted by accident. So we are trying to restore it, but we have some problems. After booting from CD, and access the rootvg volume group (without mounting the system), we tried to execute the next commands: mount /dev/hd4... (1 Reply)
Discussion started by: NicoAIX
1 Replies

4. Linux

Deploying Qt on CentOS - libc.so.6 update problem

I am developing a simple client-server (TCP) application using QT. The server side is to run on CentOS. I am developing both the server and client programs using Ubuntu. I am now attempting to deploy an experimental version of the server application on the CentOS server, but I am not yet... (2 Replies)
Discussion started by: David Brown
2 Replies

5. HP-UX

hpux-itanium 64 bit problem for libC

i am trying to build on hpux-itanium 64 bit platform. my application needs to link to 64 bit version of the library libCsup.so This library is present in /usr/lib/hpux64/libCsup.so I am specifying the location of this library as linker flags LDFLAGS := -Wl,-N -Wl,+s... (0 Replies)
Discussion started by: skyineyes
0 Replies

6. AIX

Dependent modules libc.a and libpthreads.a

Hello I am trying to install ActivePerl Pro Studio and I am seeing the following errors. Could not load program ./setup: Symbol resolution failed for setup because: Symbol ___memcmp (number 1) is not exported from dependent module /usr/lib/libc.a(shr.o). ... (2 Replies)
Discussion started by: flagman5
2 Replies

7. UNIX for Advanced & Expert Users

libc.so.1 (SUNW_1.22.7) => (version not found)

What package would I need to get this file? SUNW_1.22.7. Please help. thank you. :) (5 Replies)
Discussion started by: SystemAddict
5 Replies

8. Red Hat

RPM Install error: libc.so.6 is needed by

I have an application rpm which when installed is failing to get installed with error error: Failed dependencies: libc.so.6 is needed by testSam-4.7.x86_64 libc.so.6(GLIBC_2.0) is needed by testSam-4.7.x86_64 libc.so.6(GLIBC_2.1) is needed by testSam-4.7.x86_64 ... (1 Reply)
Discussion started by: rupeshkp728
1 Replies

LEARN ABOUT MINIX

ar

AR(1)							      General Commands Manual							     AR(1)

NAME

       ar, aal - archivers

SYNOPSIS

       ar [dmpqrtx][abciluv] [posname] archive [file ...]
       aal [dpqrtx][clv] archive [file ...]

EXAMPLES

       ar r libc.a sort.s  # Replace sort.s in libc.a

       ar rb a.s libc.a b.s
			   # Insert b.s before a.s in libc.a

DESCRIPTION

       Ar allows groups of files to be put together into a single archive.  It is normally used for libraries of compiled procedures.  Aal is like
       ar, but is to be used with the ACK compiler.  The following keys are allowed:

	 d: Delete. Ar will delete the named members.
	 m: Move named files. Ar expects a, b, or i to be specified.
	 p: Print the named files (list them on stdout)
	 q: Quickly append to the end of the archive file.
	 r: Replace (append when not in archive).
	 t: Print the archive's table of contents.
	 x: Extract

       The keys may optionally concatencated with one or more of the following:

	 a: After posname
	 b: Before posname
	 c: Create  (suppresses creation message)
	 i: Before posname
	 l: Local temporary file for work instead of /tmp/ar.$$$$$
	 u: Replace only if dated later than member in archive
	 v: Verbose

SEE ALSO

       anm(1), asize(1), nm(1), size(1).

																	     AR(1)
All times are GMT -4. The time now is 11:33 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy