mirror of https://github.com/carlospolop/hacktricks synced 2024-11-15 01:17:36 +00:00

History

Carlos Polop 6c2a69d84b gpt-4o-mini		2024-07-18 22:49:07 +02:00
..
aslr	gpt-4o-mini	2024-07-18 22:49:07 +02:00
pie	gpt-4o-mini	2024-07-18 22:49:07 +02:00
stack-canaries	gpt-4o-mini	2024-07-18 22:49:07 +02:00
no-exec-nx.md	gpt-4o-mini	2024-07-18 22:49:07 +02:00
README.md	gpt-4o-mini	2024-07-18 22:49:07 +02:00
relro.md	gpt-4o-mini	2024-07-18 22:49:07 +02:00

README.md

Common Binary Protections

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

{% endhint %}

Enable Core files

Core files are a type of file generated by an operating system when a process crashes. These files capture the memory image of the crashed process at the time of its termination, including the process's memory, registers, and program counter state, among other details. This snapshot can be extremely valuable for debugging and understanding why the crash occurred.

Enabling Core Dump Generation

By default, many systems limit the size of core files to 0 (i.e., they do not generate core files) to save disk space. To enable the generation of core files, you can use the ulimit command (in bash or similar shells) or configure system-wide settings.

Using ulimit: The command ulimit -c unlimited allows the current shell session to create unlimited-sized core files. This is useful for debugging sessions but is not persistent across reboots or new sessions.

ulimit -c unlimited

Persistent Configuration: For a more permanent solution, you can edit the /etc/security/limits.conf file to include a line like * soft core unlimited, which allows all users to generate unlimited size core files without having to set ulimit manually in their sessions.

* soft core unlimited

Analyzing Core Files with GDB

To analyze a core file, you can use debugging tools like GDB (the GNU Debugger). Assuming you have an executable that produced a core dump and the core file is named core_file, you can start the analysis with:

gdb /path/to/executable /path/to/core_file

This command loads the executable and the core file into GDB, allowing you to inspect the state of the program at the time of the crash. You can use GDB commands to explore the stack, examine variables, and understand the cause of the crash.

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

{% endhint %}