Binary Protections
In case you already tried to make some reverse engineering challenge yourself, you've probably stumbled into some problems like "why the hell is this not working as it was supposed to" or "why is this not executing correctly" or even "wow I'm so dumb". And probably it was because of some of the protections gcc includes when compiling a binary.
PIE - Position Independent Code
Pie, or position independent code, is one of the most common protections. It means that the machine code that, being placed somewhere in primary memory, executes properly regardless of its absolute address.
Let's see an example of a HelloWorld.c
code so it's clearer
Compiling and disassembling the binary using gdb (I am using peda extension, but that's not necessary)
Above we see the code disassembly when not running. If you pay attention to the addresses, they start with 0x0...000 and then there is the address of the instruction.
If we run the program and try to disassemble it again, see what happens:
As you can see, the address now is a little bit different, what makes exploitation harder because this will change based on when and where the code is executed.
So, in order to disable, simply compile like this:
Then we have the new disassembly:
If we run the code and disassemble the main, the addresses of the instructions will be the same. Try for yourself!
Exec Stack
ASLR
Last updated