=======================================================
A High Efficient Protection against Brute-force Attacks
=======================================================
- Zhilong Wang
- Xuhua Ding
- Chengbin Pang
- Jian Guo
- Jun Zhu
- Bing Mao
If you use our code in your research, please cite our paper.
@inproceedings{polymorphiccanaries,
author = {Z. Wang and X. Ding and C. Pang and J. Guo and J. Zhu and B. Mao},
booktitle = {2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)},
title = {To Detect Stack Buffer Overflow with Polymorphic Canaries},
year = {2018},
volume = {00},
number = {},
pages = {243-254},
keywords={Security;Runtime;Instruments;Force;Tools;Instruction sets},
doi = {10.1109/DSN.2018.00035},
url = {doi.ieeecomputersociety.org/10.1109/DSN.2018.00035},
ISSN = {2158-3927},
month={Jun}
}
The GCC version is tested on Debian 10 with gcc-4.9/g++-4.9.
- add the following sources to /etc/apt/sources.list
deb http://ftp.us.debian.org/debian/ jessie main contrib non-free
deb-src http://ftp.us.debian.org/debian/ jessie main contrib
- add key and update
$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010
$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CBF8D6FD518E17E1
$ sudo apt-get update
- install gcc/g++, build-essential and gcc-4.9-plugin-dev
$ sudo apt install gcc-4.9 g++-4.9 gcc-4.9-plugin-dev build-essential
- build gcc plugin
$ cd GCC_PLUGIN
$ make
- build runtime library
$ cd Runtime_Environment/Binary_Based_Version/
$ make
- For a single-file program, compile your application with the following (GNU GCC) flags:
$ gcc -fstack-protector-all -fplugin=<PROJECT_SOURCE_DIR>/GCC_PLUGIN/PolymorphicCanaries.so demo.c -o demo
- For large projects, add
-fstack-protector-all -fplugin=<PROJECT_SOURCE_DIR>/GCC_PLUGIN/PolymorphicCanaries.so
to 'CFLAGS' or 'CXXFLAGS' through configure, makefile, or Cmakefile.
LD_PRELOAD=<PROJECT_SOURCE_DIR>/Runtime_Environment/Binary_Based_Version/LIBPolymorphicCanaries.so ./demo
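One way to confirm that both GCC-plugin steps above took effect, as an added example that is not part of the project's code. The function names are hypothetical, the sample inputs are constructed, and it assumes a dynamically linked binary that still imports __stack_chk_fail after instrumentation.

```shell
#!/bin/sh
# Added example, not project code. Checks a dynamically linked binary built
# with the GCC plugin: (1) canary checks compiled in, (2) runtime preloaded.
RUNTIME_LIB='LIBPolymorphicCanaries.so'   # library name from this README

# stdin: output of `nm -D --undefined-only <binary>`.
# Assumption: the instrumented binary still imports __stack_chk_fail, as
# plain -fstack-protector-all output does.
has_canary_checks() {
    grep -Eq '(^|[[:space:]])U[[:space:]]+__stack_chk_fail(@|$)'
}

# stdin: contents of /proc/<pid>/maps for the running program.
runtime_mapped() {
    awk -v lib="$RUNTIME_LIB" '
        { n = split($6, part, "/"); if (part[n] == lib) found = 1 }
        END { exit !found }'
}

# pssp_status NM_FILE MAPS_FILE: prints one status word.
pssp_status() {
    if ! has_canary_checks < "$1"; then
        echo "no-canary-checks"     # flags never reached this binary
    elif ! runtime_mapped < "$2"; then
        echo "runtime-not-loaded"   # LD_PRELOAD unset, wrong path, or ignored
    else
        echo "protected"
    fi
}

# Constructed sample inputs (not captured from a real system).
sample_nm() {
    printf '%s\n' '                 U __libc_start_main@GLIBC_2.2.5' \
                  '                 U __stack_chk_fail@GLIBC_2.4'
}
sample_maps() {
    printf '%s\n' \
'55d0c8a00000-55d0c8a01000 r-xp 00000000 08:01 1311 /home/user/demo' \
'7f3a1c200000-7f3a1c203000 r-xp 00000000 08:01 1402 /home/PolymorphicCanaries/Runtime_Environment/Binary_Based_Version/LIBPolymorphicCanaries.so'
}

tmp=$(mktemp -d)
sample_nm > "$tmp/nm"; sample_maps > "$tmp/maps"
pssp_status "$tmp/nm" "$tmp/maps"
rm -rf "$tmp"
```

On a live system, save the output of `nm -D --undefined-only ./demo` and a copy of `/proc/<pid>/maps` for the running process, then pass both files to `pssp_status`.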
The LLVM version is tested on llvm-6.0.
- install llvm and clang
$ sudo apt-get install llvm-6.0 clang-6.0
- build LLVM Pass
$ cd Compiler_based_Implementation/P-SSP
$ mkdir build && cd build
$ cmake ..
$ make
- Build Runtime Environment
$ cd <PROJECT_SOURCE_DIR>/Runtime_Environment/Compiler_Based_Version/
$ make
- For a small program, compile your application with the following flags:
$ clang -Xclang -load -Xclang <PROJECT_SOURCE_DIR>/Compiler_based_Implementation/P-SSP/libStackDoubleProtector.so demo.c -o demo
- For larger projects, add
-Xclang -load -Xclang <PROJECT_SOURCE_DIR>/Compiler_based_Implementation/P-SSP/libStackDoubleProtector.so
to 'CFLAGS' or 'CXXFLAGS' through configure, makefile, or Cmakefile.
LD_PRELOAD=<PROJECT_SOURCE_DIR>/Runtime_Environment/Compiler_Based_Version/LIBPolymorphicCanaries.so ./demo
- Build Instrumentor
$ cd "Binary_based_implementation/dynamic linked proram/"
$ make
- Build and install the customized GLIBC
  - Download a version of glibc which is compatible with your OS.
  - Replace the stack_chk_fail.c in GLIBC with a customized version stack_chk_fail.c.
  - Build and install the modified glibc.
- Rewrite your programs
$ "./Binary_based_implementation/dynamic linked proram/InstrumentationCode" ./demo
- Run your program with PSSP
$ export LD_LIBRARY_PATH=<CUSTOMIZED_GLIBC_LIB_DIR>
$ export LD_PRELOAD=<PROJECT_SOURCE_DIR>/Runtime_Environment/Binary_Based_Version/LIBPolymorphicCanaries.so
$ ./demo
We provide a binary rewriter based on Dyninst for statically linked programs. The implementation is located at Dyninst Tool.
We provide a Docker image to quickly reproduce the environment (GCC PLUGIN VERSION).
$ sudo docker build -t pssp -f Dockerfile .
$ docker run -it pssp:latest /bin/bash
$ LD_PRELOAD=/home/PolymorphicCanaries/Runtime_Environment/Binary_Based_Version/LIBPolymorphicCanaries.so ./objs/nginx