Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Executable Stack #5588

Closed
claudioandre-br opened this issue Nov 27, 2024 · 4 comments · Fixed by #5590
Closed

Executable Stack #5588

claudioandre-br opened this issue Nov 27, 2024 · 4 comments · Fixed by #5590
Labels
bug
Milestone
Definitely 2.0.0

Comments

@claudioandre-br
Copy link
Member

claudioandre-br commented Nov 27, 2024
edited
Loading

We now have some programs that have executable stack regions

Oh, indeed. We should have expected that when we let extra asm files into the tree.

While we keep the yasm files at all, the proper fix would be to add the equivalent of these to those:

$ tail -3 src/x86.S
#if defined(__ELF__) && defined(__linux__)
.section .note.GNU-stack,"",@progbits
#endif

... hoping that yasm does support specifying this in some way as well.

This is also a reason for us to get rid of yasm usage sooner.

See also openwall/john-packages#657 (comment)
@magnumripper
Copy link
Member

Executable stack is fun and profit 😎

I should focus on #4314, hopefully it's not too much work.

@solardiz solardiz added the bug label Nov 27, 2024
@solardiz solardiz added this to the Definitely 2.0.0 milestone Nov 27, 2024
magnumripper added a commit to magnumripper/john that referenced this issue Nov 28, 2024
@magnumripper
yasm: No executable stack
713a325 
Closes openwall#5588
@magnumripper
Copy link
Member

While we keep the yasm files at all, the proper fix would be to add the equivalent of these to those:

$ tail -3 src/x86.S
#if defined(__ELF__) && defined(__linux__)
.section .note.GNU-stack,"",@progbits
#endif

@claudioandre-br can you check if the branch magnumripper/yasm-no-exec-stack fixes the problem? Right now I sit in a place lacking linux/yasm (and super doesn't seem to have yasm anywhere).

It adds this to the asm files:

%ifidn __OUTPUT_FORMAT__,elf
section .note.GNU-stack noalloc noexec nowrite progbits
%endif
%ifidn __OUTPUT_FORMAT__,elf32
section .note.GNU-stack noalloc noexec nowrite progbits
%endif
%ifidn __OUTPUT_FORMAT__,elf64
section .note.GNU-stack noalloc noexec nowrite progbits
%endif

I got that from https://wiki.gentoo.org/wiki/Hardened/GNU_stack_quickstart#Causes_of_executable_stack_markings and it says it's for nasm/yasm.

@solardiz does it look right? I'm not sure if/why noalloc and nowrite should be there.

@claudioandre-br
Copy link
Member Author

Testing it!

magnumripper added a commit to magnumripper/john that referenced this issue Nov 28, 2024
@magnumripper
yasm: No executable stack
361b5cd 
Closes openwall#5588
@magnumripper magnumripper mentioned this issue Nov 28, 2024
Merged
@claudioandre-br
Copy link
Member Author

It works (no files with executable stack was found):

$ john --test --format=o5logon
Will run 8 OpenMP threads
Benchmarking: o5logon, Oracle O5LOGON protocol [SHA1 AES 32/64]... (8xOMP) DONE
Many salts:	27787K c/s real, 3510K c/s virtual
Only one salt:	16269K c/s real, 2055K c/s virtual

Versus:

Will run 8 OpenMP threads
Benchmarking: o5logon, Oracle O5LOGON protocol [SHA1 AES 32/64]... (8xOMP) DONE
Many salts:	7684K c/s real, 1067K c/s virtual
Only one salt:	6053K c/s real, 849072 c/s virtual

magnumripper added a commit that referenced this issue Nov 28, 2024
@magnumripper
yasm: No executable stack
2fce717 
Closes #5588
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
Definitely 2.0.0
Development

Successfully merging a pull request may close this issue.

yasm: No executable stack magnumripper/john
3 participants
@magnumripper @claudioandre-br @solardiz