The noexecstack option has no affect on shell code or any other interpreted
language. It only prevents native code (aka machine code) from executing.
--- Wade
On 2010-10-10, at 6:53, Brchk05 <[email protected]> wrote:
>
> I am running Debian 2.6.26-21lenny4 and I am puzzled by an issue with the
> enforcement of page permissions. I have written a simple program with a
> basic buffer overflow and compiled two versions using gcc: one with -z
> execstack and another with -z noexecstack.
>
> So, to verify that the option takes:
>
> For the -z execstack version:
> $ readelf -l a.out | grep -i -A1 stack
> GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RWE 0x4
>
> For the -z noexecstack version:
> $ readelf -l a.out | grep -i -A1 stack
> GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x4
>
> However, I am able to inject and execute shellcode from a stack local
> character buffer in both versions. Is there another system option I am
> unaware of that affects enforcement? Is enforcement not supported for my
> system version?
>
> Thanks for your help.
