Vuln Dev
Is the memory map of a process different when executed in GDB? Sep 23 2008 10:43AM
Florencio Cano (florencio cano gmail com) (2 replies)
Re: Is the memory map of a process different when executed in GDB? Sep 23 2008 09:36PM
Kristian Erik Hermansen (kristian hermansen gmail com)
On Tue, Sep 23, 2008 at 3:43 AM, Florencio Cano
<florencio.cano (at) gmail (dot) com [email concealed]> wrote:
> run it inside GDB. Does GDB alter the memory map of a process when
> executed inside it? In which way? Where I can read info about this?

Yes, your offsets will differ. Put a break at start of main(),
recompile, and use something like memfetch | hexdump -C to see...
http://lcamtuf.coredump.cx/soft/memfetch.tgz

You must also remember that newer Linux distros include many security
features that randomize offsets and protect against other hackery.
Not that you can't get around them given enough information (like a
memory peek), but you should know about them. All of this stuff is
well documented on places like milw0rm. Regards...
--
Kristian Erik Hermansen
http://friendfeed.com/khermans

[ reply ]
Re: Is the memory map of a process different when executed in GDB? Sep 23 2008 08:07PM
Chris McCulloh (list chrismcculloh com)


 

Privacy Statement
Copyright 2010, SecurityFocus