
memory-errors-lab's Introduction

Memory Error Primer

Code snippets and virtual machine that I use for teaching purposes.

Getting Started

Step 1: Clone this repository

$ git clone https://github.com/phretor/memory-errors-lab.git

Step 2: Install VirtualBox according to your host operating system's recommended procedure.

Step 3: Install Vagrant (instructions here).

Step 4: Start the virtual machine:

$ cd memory-errors-lab/linux64
$ vagrant plugin install vagrant-vbguest
$ vagrant up

If you want to skip the vbguest plugin installation, you'll have to set up the VirtualBox guest additions yourself.

Step 5: Start hacking:

$ vagrant up
$ vagrant ssh

GCC Options

When compiling, the following options are recommended:

-fno-stack-protector           # disables stack-smashing protection
-z execstack                   # enables executable stack
-mpreferred-stack-boundary=2   # aligns the stack to 2^2 = 4 bytes
-m32                           # compiles as a 32-bit x86 ELF file

Because the -mpreferred-stack-boundary=2 option changes how the compiler lays out and aligns memory on the stack, it also changes the displacement calculation when preparing format string exploits. Disabling this option is therefore recommended when practicing with format string bugs.
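To confirm which of these options a given binary was actually built with (and to catch a lab build that has left the VM), the ELF headers can be inspected directly. The following is an added example, not part of the lab repository: `inspect_elf` and `make_elf32` are hypothetical names, the sample ELF bytes are constructed, and the stack-protector check is a string heuristic. The effect of -mpreferred-stack-boundary is not recorded in the ELF headers, so it is not covered.

```python
import struct
import sys

PT_GNU_STACK = 0x6474E551  # program header type that carries the stack permissions
PF_X = 0x1                 # "executable" bit in p_flags


def inspect_elf(data: bytes) -> dict:
    """Report which of the lab's GCC options are visible in an ELF image."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    is32 = data[4] == 1                 # EI_CLASS: 1 = ELF32 (-m32), 2 = ELF64
    end = "<" if data[5] == 1 else ">"  # EI_DATA: 1 = little endian
    if is32:
        e_phoff, = struct.unpack_from(end + "I", data, 0x1C)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 0x2A)
    else:
        e_phoff, = struct.unpack_from(end + "Q", data, 0x20)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 0x36)
    stack_flags = None
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        p_type, = struct.unpack_from(end + "I", data, off)
        if p_type == PT_GNU_STACK:
            # p_flags is at offset 24 in Elf32_Phdr but at offset 4 in Elf64_Phdr
            stack_flags, = struct.unpack_from(end + "I", data, off + (24 if is32 else 4))
    return {
        "m32": is32,
        # Assumption: a missing PT_GNU_STACK header is reported as executable (conservative)
        "execstack": stack_flags is None or bool(stack_flags & PF_X),
        # Heuristic: protected, dynamically linked code references __stack_chk_fail
        "stack_protector": b"__stack_chk_fail" in data,
    }


def make_elf32(stack_flags: int, extra: bytes = b"") -> bytes:
    """Constructed sample: ELF32 header plus one PT_GNU_STACK program header."""
    ident = b"\x7fELF" + bytes([1, 1, 1]) + bytes(9)
    ehdr = ident + struct.pack("<HHIIIIIHHHHHH",
                               2, 3, 1, 0, 52, 0, 0, 52, 32, 1, 0, 0, 0)
    phdr = struct.pack("<IIIIIIII", PT_GNU_STACK, 0, 0, 0, 0, 0, stack_flags, 16)
    return ehdr + phdr + extra


if __name__ == "__main__":
    samples = {"lab build (constructed)": make_elf32(0x7),
               "hardened build (constructed)": make_elf32(0x6, b"__stack_chk_fail\0")}
    for path in sys.argv[1:]:           # optionally inspect real binaries as well
        with open(path, "rb") as fh:
            samples[path] = fh.read()
    for name, blob in samples.items():
        print(name, inspect_elf(blob))
```

Passing the path of a compiled exercise as an argument prints the same report for that file next to the two constructed samples.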

memory-errors-lab's People

Contributors

attillax, nearffx1, ocean1, phretor, thypon, topodifogna


memory-errors-lab's Issues

An error occurs during the 'precise32' download

attillax@Asus:~/Lernen/PaS/lab1/phretor/memory-errors-lab/linux64$ vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
==> default: Box 'precise32' could not be found. Attempting to find and install...
    default: Box Provider: virtualbox
    default: Box Version: >= 0
==> default: Box file was not detected as metadata. Adding it directly...
==> default: Adding box 'precise32' (v0) for provider: virtualbox
    default: Downloading: precise32
An error occurred while downloading the remote file. The error
message, if any, is reproduced below. Please fix this error and try
again.

Couldn't open file /home/attillax/Lernen/PaS/lab1/phretor/memory-errors-lab/linux64/precise32

errors in the configuration of this machine..

memory-errors-lab/linux32$ vagrant up

Bringing machine 'default' up with 'virtualbox' provider...
There are errors in the configuration of this machine. Please fix
the following errors and try again:

vm:

  • The box 'skrepo/debian_stable_32bit' could not be found.

running bootstrap.sh finished successfully but some errors logged

The installation of pwntools contains a fatal error and ends with this line:
Can't roll back cryptography; was not uninstalled
Here is a part of the terminal log:

==> default: Requirement already satisfied (use --upgrade to upgrade): pycparser in /usr/lib/python2.7/dist-packages (from cffi>=1.4.1->cryptography>=1.1->paramiko->pwntools)
==> default: Installing collected packages: pwntools, paramiko, mako, pyelftools, capstone, ropgadget, pyserial, psutil, cryptography, MarkupSafe, idna, setuptools, enum34, ipaddress, cffi
==> default: Running setup.py install for pwntools
==> default:
==> default: Installing unhex script to /usr/local/bin
==> default: Installing elfpatch script to /usr/local/bin
==> default: Installing constgrep script to /usr/local/bin
==> default: Installing cyclic script to /usr/local/bin
==> default: Installing hex script to /usr/local/bin
==> default: Installing disasm script to /usr/local/bin
==> default: Installing elfdiff script to /usr/local/bin
==> default: Installing shellcraft script to /usr/local/bin
==> default: Installing phd script to /usr/local/bin
==> default: Installing asm script to /usr/local/bin
==> default: Running setup.py install for mako
==> default:
==> default: warning: no files found matching '.xml' under directory 'examples'
==> default: warning: no files found matching '.mako' under directory 'examples'
==> default: warning: no files found matching 'distribute_setup.py'
==> default: warning: no files found matching 'ez_setup.py'
==> default: no previously-included directories found matching 'doc/build/output'
==> default: Installing mako-render script to /usr/local/bin
==> default: Running setup.py install for pyelftools
==> default: changing mode of build/scripts-2.7/readelf.py from 644 to 755
==> default:
==> default: changing mode of /usr/local/bin/readelf.py to 755
==> default: Running setup.py install for capstone
==> default:
==> default: Running setup.py install for ropgadget
==> default: changing mode of build/scripts-2.7/ROPgadget from 644 to 755
==> default:
==> default: changing mode of /usr/local/bin/ROPgadget to 755
==> default: Running setup.py install for pyserial
==> default: changing mode of build/scripts-2.7/miniterm.py from 644 to 755
==> default:
==> default: changing mode of /usr/local/bin/miniterm.py to 755
==> default: Running setup.py install for psutil
==> default: building 'psutil._psutil_linux' extension
==> default: x86_64-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -g -fstack-protector-strong -Wformat -Werror=format-security -fPIC -DPSUTIL_VERSION=410 -I/usr/include/python2.7 -c psutil/_psutil_linux.c -o build/temp.linux-x86_64-2.7/psutil/_psutil_linux.o
==> default: x86_64-linux-gnu-gcc -pthread -shared -Wl,-O1 -Wl,-Bsymbolic-functions -Wl,-z,relro -fno-strict-aliasing -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -D_FORTIFY_SOURCE=2 -g -fstack-protector-strong -Wformat -Werror=format-security -Wl,-z,relro -D_FORTIFY_SOURCE=2 -g -fstack-protector-strong -Wformat -Werror=format-security build/temp.linux-x86_64-2.7/psutil/_psutil_linux.o -o build/lib.linux-x86_64-2.7/psutil/_psutil_linux.so
==> default: building 'psutil._psutil_posix' extension
==> default: x86_64-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -g -fstack-protector-strong -Wformat -Werror=format-security -fPIC -I/usr/include/python2.7 -c psutil/_psutil_posix.c -o build/temp.linux-x86_64-2.7/psutil/_psutil_posix.o
==> default: x86_64-linux-gnu-gcc -pthread -shared -Wl,-O1 -Wl,-Bsymbolic-functions -Wl,-z,relro -fno-strict-aliasing -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -D_FORTIFY_SOURCE=2 -g -fstack-protector-strong -Wformat -Werror=format-security -Wl,-z,relro -D_FORTIFY_SOURCE=2 -g -fstack-protector-strong -Wformat -Werror=format-security build/temp.linux-x86_64-2.7/psutil/_psutil_posix.o -o build/lib.linux-x86_64-2.7/psutil/psutil_posix.so
==> default:
==> default: warning: no previously-included files matching '' found under directory 'docs/_build'
==> default: Found existing installation: cryptography 0.6.1
==> default: Not uninstalling cryptography at /usr/lib/python2.7/dist-packages, owned by OS
==> default: Running setup.py install for cryptography
==> default: c/_cffi_backend.c:15:17: fatal error: ffi.h: No such file or directory
==> default: #include <ffi.h>
==> default: ^
==> default: compilation terminated.
==> default: Traceback (most recent call last):
==> default: File "", line 1, in
==> default: File "/tmp/pip-build-PitJhb/cryptography/setup.py", line 335, in
==> default: *_keywords_with_side_effects(sys.argv)
==> default: File "/usr/lib/python2.7/distutils/core.py", line 111, in setup
==> default: _setup_distribution = dist = klass(attrs)
==> default: File "/usr/lib/python2.7/dist-packages/setuptools/dist.py", line 262, in init
==> default: self.fetch_build_eggs(attrs['setup_requires'])
==> default: File "/usr/lib/python2.7/dist-packages/setuptools/dist.py", line 287, in fetch_build_eggs
==> default: replace_conflicting=True,
==> default: File "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 631, in resolve
==> default: dist = best[req.key] = env.best_match(req, ws, installer)
==> default: File "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 874, in best_match
==> default: return self.obtain(req, installer)
==> default: File "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 886, in obtain
==> default: return installer(requirement)
==> default: File "/usr/lib/python2.7/dist-packages/setuptools/dist.py", line 338, in fetch_build_egg
==> default: return cmd.easy_install(req)
==> default: File "/usr/lib/python2.7/dist-packages/setuptools/command/easy_install.py", line 636, in easy_install
==> default: return self.install_item(spec, dist.location, tmpdir, deps)
==> default: File "/usr/lib/python2.7/dist-packages/setuptools/command/easy_install.py", line 666, in install_item
==> default: dists = self.install_eggs(spec, download, tmpdir)
==> default: File "/usr/lib/python2.7/dist-packages/setuptools/command/easy_install.py", line 856, in install_eggs
==> default: return self.build_and_install(setup_script, setup_base)
==> default: File "/usr/lib/python2.7/dist-packages/setuptools/command/easy_install.py", line 1078, in build_and_install
==> default: self.run_setup(setup_script, setup_base, args)
==> default: File "/usr/lib/python2.7/dist-packages/setuptools/command/easy_install.py", line 1066, in run_setup
==> default: raise DistutilsError("Setup script exited with %s" % (v.args[0],))
==> default: distutils.errors.DistutilsError: Setup script exited with error: command 'x86_64-linux-gnu-gcc' failed with exit status 1
==> default: Complete output from command /usr/bin/python -c "import setuptools, tokenize;file='/tmp/pip-build-PitJhb/cryptography/setup.py';exec(compile(getattr(tokenize, 'open', open)(file).read().replace('\r\n', '\n'), file, 'exec'))" install --record /tmp/pip-rsWw1a-record/install-record.txt --single-version-externally-managed --compile:
==> default: c/_cffi_backend.c:15:17: fatal error: ffi.h: No such file or directory
==> default:
==> default: #include <ffi.h>
==> default:
==> default: ^
==> default:
==> default: compilation terminated.
==> default:
==> default: Traceback (most recent call last):
==> default:
==> default: File "", line 1, in
==> default:
==> default: File "/tmp/pip-build-PitJhb/cryptography/setup.py", line 335, in
==> default:
==> default: **keywords_with_side_effects(sys.argv)
==> default:
==> default: File "/usr/lib/python2.7/distutils/core.py", line 111, in setup
==> default:
==> default: _setup_distribution = dist = klass(attrs)
==> default:
==> default: File "/usr/lib/python2.7/dist-packages/setuptools/dist.py", line 262, in init
==> default:
==> default: self.fetch_build_eggs(attrs['setup_requires'])
==> default:
==> default: File "/usr/lib/python2.7/dist-packages/setuptools/dist.py", line 287, in fetch_build_eggs
==> default:
==> default: replace_conflicting=True,
==> default:
==> default: File "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 631, in resolve
==> default:
==> default: dist = best[req.key] = env.best_match(req, ws, installer)
==> default:
==> default: File "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 874, in best_match
==> default:
==> default: return self.obtain(req, installer)
==> default:
==> default: File "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 886, in obtain
==> default:
==> default: return installer(requirement)
==> default:
==> default: File "/usr/lib/python2.7/dist-packages/setuptools/dist.py", line 338, in fetch_build_egg
==> default:
==> default: return cmd.easy_install(req)
==> default:
==> default: File "/usr/lib/python2.7/dist-packages/setuptools/command/easy_install.py", line 636, in easy_install
==> default:
==> default: return self.install_item(spec, dist.location, tmpdir, deps)
==> default:
==> default: File "/usr/lib/python2.7/dist-packages/setuptools/command/easy_install.py", line 666, in install_item
==> default:
==> default: dists = self.install_eggs(spec, download, tmpdir)
==> default:
==> default: File "/usr/lib/python2.7/dist-packages/setuptools/command/easy_install.py", line 856, in install_eggs
==> default:
==> default: return self.build_and_install(setup_script, setup_base)
==> default:
==> default: File "/usr/lib/python2.7/dist-packages/setuptools/command/easy_install.py", line 1078, in build_and_install
==> default:
==> default: self.run_setup(setup_script, setup_base, args)
==> default:
==> default: File "/usr/lib/python2.7/dist-packages/setuptools/command/easy_install.py", line 1066, in run_setup
==> default:
==> default: raise DistutilsError("Setup script exited with %s" % (v.args[0],))
==> default:
==> default: distutils.errors.DistutilsError: Setup script exited with error: command 'x86_64-linux-gnu-gcc' failed with exit status 1
==> default:
==> default: ----------------------------------------
==> default: Can't roll back cryptography; was not uninstalled
==> default: Cleaning up...
==> default: Command /usr/bin/python -c "import setuptools, tokenize;file='/tmp/pip-build-PitJhb/cryptography/setup.py';exec(compile(getattr(tokenize, 'open', open)(file).read().replace('\r\n', '\n'), file, 'exec'))" install --record /tmp/pip-rsWw1a-record/install-record.txt --single-version-externally-managed --compile failed with error code 1 in /tmp/pip-build-PitJhb/cryptography
==> default: Storing debug log for failure in /root/.pip/pip.log

...

Also another error for # Install correct capstone

==> default: /tmp/vagrant-shell: line 45: cd: /root/tools/capstone/bindings/python: No such file or directory
==> default: python: can't open file 'setup.py': [Errno 2] No such file or directory

Terminal log.txt

Inability to run the virtual machine properly: Connection timeout on boot

After having installed Virtual Box 4.3.10r93012 and Vagrant 1.5.4_i686 on my laptop running Crunchbang 11 Waldorf (based on Debian Wheezy) and trying to run vagrant, I get the following output:

memory-errors-lab/linux32$ vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
==> default: Checking if box 'skrepo/debian_stable_32bit' is up to date...
==> default: Clearing any previously set forwarded ports...
==> default: Clearing any previously set network interfaces...
==> default: Preparing network interfaces based on configuration...
default: Adapter 1: nat
==> default: Forwarding ports...
default: 22 => 2222 (adapter 1)
==> default: Booting VM...
==> default: Waiting for machine to boot. This may take a few minutes...
default: SSH address: 127.0.0.1:2222
default: SSH username: vagrant
default: SSH auth method: private key
default: Warning: Connection timeout. Retrying...
default: Warning: Connection timeout. Retrying...
default: Warning: Connection timeout. Retrying...
default: Warning: Connection timeout. Retrying...
default: Warning: Connection timeout. Retrying...
default: Warning: Connection timeout. Retrying...
default: Warning: Connection timeout. Retrying...
default: Warning: Connection timeout. Retrying...
default: Warning: Connection timeout. Retrying...
default: Warning: Connection timeout. Retrying...

The guest machine entered an invalid state while waiting for it
to boot. Valid states are 'starting, running'. The machine is in the
'gurumeditation' state. Please verify everything is configured
properly and try again.

If the provider you're using has a GUI that comes with it,
it is often helpful to open that and watch the machine, since the
GUI often has more helpful error messages than Vagrant can retrieve.
For example, if you're using VirtualBox, run vagrant up while the
VirtualBox GUI is open.

Is that a problem of the configuration of the virtual machine or a problem in my network configuration?
