I see that after decrypting the .rodata section you are reverting the decrypted memory pages using mprotect() to Read-Execute permissions. While this is necessary when decrypting the .text, it is not so for data sections, essentially making it a hot target for shellcode placement. If I'm missing anything, let me know.
By default, the .rodata section is already executable (see http://xn--thibaud-dya.fr/rodata.html) and yes, it is a heresy. For now, the code is simply returning that page into its previous state.
Feel free to push upstream (glibc, gold) to try to get that change implemented/widely used. Additionally, I could also modify that part of the code to verify the previous permissions and restore them exactly (feel free to send a patch).
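One way to implement the "verify the previous permissions and restore them exactly" option from the reply above, as an added example that is not the project's own code. It assumes Linux (`/proc/self/maps`) and a range that lies inside a single mapping; `prot_of`, `with_writable`, `xor_patch` and `demo` are hypothetical names.

```c
#define _DEFAULT_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

/* PROT_* bits of the mapping holding addr, from /proc/self/maps; -1 if unmapped. */
int prot_of(const void *addr) {
    FILE *f = fopen("/proc/self/maps", "r");
    char line[1024], p[5];
    unsigned long lo, hi;
    int prot = -1;
    if (!f) return -1;
    while (prot < 0 && fgets(line, sizeof line, f)) {
        if (sscanf(line, "%lx-%lx %4s", &lo, &hi, p) != 3) continue;
        if ((uintptr_t)addr < lo || (uintptr_t)addr >= hi) continue;
        prot = (p[0] == 'r' ? PROT_READ : 0) | (p[1] == 'w' ? PROT_WRITE : 0) |
               (p[2] == 'x' ? PROT_EXEC : 0);
    }
    fclose(f);
    return prot;
}

/* Open the range for writing, run patch(), restore the exact prior bits (or return -1). */
int with_writable(void *addr, size_t len, void (*patch)(void *, size_t)) {
    uintptr_t ps = (uintptr_t)sysconf(_SC_PAGESIZE);
    uintptr_t start = (uintptr_t)addr & ~(ps - 1);
    size_t span = (uintptr_t)addr + len - start;
    int old = prot_of(addr);
    if (old < 0 || mprotect((void *)start, span, PROT_READ | PROT_WRITE) != 0) return -1;
    patch(addr, len);
    return mprotect((void *)start, span, old) == 0 ? old : -1;
}

/* Hypothetical stand-in for the in-place decryption step. */
static void xor_patch(void *p, size_t n) {
    for (size_t i = 0; i < n; i++) ((unsigned char *)p)[i] ^= 0x5a;
}

/* Constructed test: a read-only, zero-filled anonymous page plays the data section. */
int demo(void) {
    size_t ps = (size_t)sysconf(_SC_PAGESIZE);
    unsigned char *pg = mmap(NULL, ps, PROT_READ, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (pg == MAP_FAILED) return -1;
    if (with_writable(pg, 64, xor_patch) != PROT_READ || pg[0] != 0x5a) return -1;
    return prot_of(pg); /* still PROT_READ, no PROT_EXEC added */
}

int main(void) { printf("prot after patch: %d\n", demo()); return 0; }
```

If the section was mapped executable to begin with, this restores it as executable too; it only guarantees that the patching step never widens the permissions it found.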