在gdb中运行，但不在gdb之外 [英] Runs in gdb but not out of gdb

问题描述

我试图用一些shellcode产生一个shell。有效负载在程序本身，但是，当我运行然后单独编程时，我得到一个分段错误，但是当在gdb中运行时，我的shell会打开。
有人可以指出问题的症结所在吗？

  MrMox @ ubuntu：〜/文件夹$ ./a。 out hh 
分段错误（核心转储）
 
 MrMox @ ubuntu：〜/文件夹$ gdb -q a.out 
读取/home/folder/a.out中的符号。 ..done。 
（gdb）运行hh 
启动程序：/home/folder/a.out hh 
进程22119执行新程序：/ bin / dash 
 $ 
 $ 
  

解决方案

首先，既然你得到了一个核心，你可以看看

其次，GDB禁用地址随机化（ ASLR ）默认情况下（为了让你更容易调试，所以所有东西都停留在一个地方），而运行 a.out GDB可能拥有完整的ASLR，这可能解释了在使用和不使用GDB的情况下 a.out 的不同行为。

您可以全局禁用ASLR：

$ sudo -cecho 0> / proc / sys / kernel / randomize_va_space

或者您可以在GDB中启用随机化：

 （gdb）set disable-randomization off 
  

I am trying to spawn a shell with some shellcode. The payload is in the program itself, however, when I run then program individually I get a segmentation fault, but when running in gdb, my shell opens. Can someone point out what the problem might be?

MrMox@ubuntu:~/folder$ ./a.out h h
Segmentation fault (core dumped)

MrMox@ubuntu:~/folder$ gdb -q a.out
Reading symbols from /home/folder/a.out...done.
(gdb) run h h
Starting program: /home/folder/a.out h h
process 22119 is executing new program: /bin/dash
$ 
$

解决方案

what the problem might be

First, since you do get a core, you could just look in it to understand the crash.

Second, GDB disables address randomization (ASLR) by default (to make it easier for you to debug, so everything stays in one place), whereas running a.out outside of GDB likely has full ASLR, which possibly explains the different behavior of a.out with and without GDB.

You can disable ASLR globally:

sudo -c "echo 0 > /proc/sys/kernel/randomize_va_space"

Or you can enable randomization within GDB:

(gdb) set disable-randomization off

这篇关于在gdb中运行，但不在gdb之外的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！