From 4396bda1cf7f6060e2d2cca3451e8fbc1012dcb3 Mon Sep 17 00:00:00 2001 From: Nahom Belay Date: Sun, 28 Feb 2021 19:07:02 +0100 Subject: [PATCH] Update 'ReadMe.md' MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit I added a short comment to clarify the approach for the stat analysis a bit --- ReadMe.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/ReadMe.md b/ReadMe.md index 30772c3..de9db5c 100644 --- a/ReadMe.md +++ b/ReadMe.md @@ -76,3 +76,14 @@ Ces commandes compileront les trois exécutables client, serveur et attaque. * Utilité : Test du serveur dans son fonctionnement normal. Test BOF possible * Retour test : Serveur OK, BOF OK (detecté par le canary). - Step 4 : TESTER LES PREMIERES EXPLOITATIONS + +# Statistical Analysis + +We wanted to verify how random ASLR was so we executed our server multiple times and retried the positions of the stack, lib and code using “/proc/$pid/map”. We examined two scenarios the first one using ASLR and the second without ASLR (for reference sake). + + +We focused on three different values: the address of the stack (first row), the offset between the stack and the code portion (second row) and the offset between stack and lib (last row). The first column corresponds to ASLR and the second without ASLR. (Had trouble adding labels to the plot and didn’t get around to doing it, sorry). + +To have a better picture of the unique addresses and a clearer representation, we only factored in how often each value was present. Then we looked at how many times those occurrences occurred. + +The X-axis we have the occurence and in the Y-axis how many times that occurrence occurred. \ No newline at end of file
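Review bot: the first added paragraph gives the data source as “/proc/$pid/map”, but the procfs file that lists a process's mappings is /proc/$pid/maps, and "retried" in the same sentence reads as a slip for "retrieved"; both should be corrected so a reader can reproduce the measurement. The second paragraph describes rows and columns of a plot, yet none of the added lines links an image, so either add the figure reference to the ReadMe or drop the row/column description. The apology about missing labels is better replaced by a short legend in the text (which row and column is which, what each axis shows) until the plot itself is labelled. The section also does not say how many server runs were collected or what was concluded about ASLR randomness. A sample size and a one-line result would make the analysis usable. Smaller points: "occurence" in the last line is misspelled and that sentence needs a verb fix ("On the X-axis we have ..."), the new section is in English while the surrounding ReadMe context is French, the top-level heading follows a "Step 4" item that has no content yet, and the file now ends without a trailing newline.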