Paul Faure 2021-03-01 19:51:37 +01:00
commit f3f0dd37d9

@ -76,3 +76,14 @@ Ces commandes compileront les trois exécutables client, serveur et attaque.
* Utilité : Test du serveur dans son fonctionnement normal. Test BOF possible
* Retour test : Serveur OK, BOF OK (detecté par le canary).
- Step 4 : TESTER LES PREMIERES EXPLOITATIONS
# Statistical Analysis
We wanted to verify how random ASLR was so we executed our server multiple times and retried the positions of the stack, lib and code using “/proc/$pid/map”. We examined two scenarios the first one using ASLR and the second without ASLR (for reference sake).
We focused on three different values: the address of the stack (first row), the offset between the stack and the code portion (second row) and the offset between stack and lib (last row). The first column corresponds to ASLR and the second without ASLR. (Had trouble adding labels to the plot and didnt get around to doing it, sorry).
To have a better picture of the unique addresses and a clearer representation, we only factored in how often each value was present. Then we looked at how many times those occurrences occurred.
The X-axis we have the occurence and in the Y-axis how many times that occurrence occurred.
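Review bot: The path in the added "Statistical Analysis" paragraph is written as “/proc/$pid/map”, but the procfs file that lists the stack, library and code mappings is /proc/$pid/maps, so a reader following the README will not find it; "retried the positions" in the same sentence also looks like it should be "retrieved the positions". The paragraph describes a plot by rows and columns and then apologises for its missing labels, yet no figure is linked in these lines: either add the image with labelled axes or drop the parenthetical, and state how many server runs the counts are based on so the comparison with and without ASLR can be reproduced. The last added line is missing its preposition and misspells "occurence"; something like "On the X-axis we have the occurrence count and on the Y-axis how many values had that count" would read more clearly. The new section is also a top-level "#" heading in English placed directly under the French "Step 4" list item, which interrupts the step list; consider a lower heading level placed after the steps.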