exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

spfx.c

spfx.c
Posted Apr 9, 2001

spfx.c is a linux kernel module which stops many exploits by protecting the system from code running on the stack.

tags | kernel
systems | linux
SHA-256 | eb6a1f79702666eaf24869cb76c304100470bb25f837b1e661e2611ad022f367

spfx.c

Change Mirror Download
/* note: this module is in beta, and has not been tested.  The author
* makes no guarantee of it's stability or effectiveness.
*
* USE AT YOUR OWN RISK!
*/

/*
* spfx v1.0b by Justin Lesarge
*
* Contact: nijenrode@india.com, irc://irc.dal.net Sorcerer
*
* This module prevents security breaches (such as remote root)
* by protecting the system from code running on the stack. As many
* exploits work by "smashing" the stack to execute buffered code
* on the stack, loading this module should greatly increase system
* security. Examples of exploits which this module prevents are:
*
* all remote root exploits for: bind/named, wu.ftpd, imap, etc..
*
* this code may be freely distributed and modified, so long as credit
* to the original author (Justin Lesarge) is left in tact.
*
* to load this module, use:

cc -c spfx.c -o ./spfx.o
insmod ./spfx.o

*/

#define MODULE 1

#include <linux/module.h>
#include <linux/sys.h>
#include <asm/ptrace.h>

extern void *sys_call_table[];
static void *old_call_table[NR_syscalls];

#ifndef NO_DISP
# if (EBP>FS)
# define _EBP ((EBP-2)*4)
# else
# define _EBP (EBP*4)
# endif
# if (EIP>FS)
# define _EIP ((EIP-2)*4)
# else
# define _EIP (EIP*4)
# endif
# if (UESP>FS)
# define _UESP ((UESP-2)*4)
# else
# define _UESP (UESP*4)
# endif
#endif

static void (__handler__) (void *x) {
register unsigned long ebp asm("ebp");

ebp=(unsigned long)&x;

__asm__ __volatile__("pushl %%ecx;pushl %%edx;movl %c0(%%ebp),%%ecx;"
"movl %c1(%%ebp),%%edx;cmpl %%ecx,%%edx;jbe 0f;"
"xchgl %%edx,%%ecx;0:;subl %%edx,%%ecx;"
"shrl $16,%%ecx;jnz 1f;movl $1,%%eax;1:;"
"popl %%edx;popl %%ecx;movl %%ebp,%%esp;"
"subl $4,%%esp;movl %c2(%%ebp),%%ebp;"
"jmp *old_call_table(,%%eax,4);"
::"i"(_EIP),"i"(_UESP),"i"(_EBP));
}

int init_module()
{
int n;

for(n=0;n<NR_syscalls;n++) {
old_call_table[n]=sys_call_table[n];
sys_call_table[n]=__handler__;
}

printk("spfx v1.0b by Justin Lesarge (nijenrode@india.com)\n");
return(0);
}

void cleanup_module()
{
int n;

for(n=0;n<NR_syscalls;n++) sys_call_table[n]=old_call_table[n];
}
Login or Register to add favorites

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close