In the NDK, you should be able to set "DISABLE_NO_EXECUTE" to true to
disable noexec protections.

Alternately, like Rodrigo implied, you should be able to set the following
CFLAG:

-Wa,--execstack

and the following LDFLAG:

-Wl,-z,execstack

(untested)

-- Nick

On Mon, Feb 27, 2012 at 10:52 AM, Antonio <[email protected]> wrote:

> Hi all!
>
> We are a couple of Information Technology Engineering students and we
> are doing a research work, for the IT Security exam, about the
> possibility to perform buffer overflow attacks on Android devices.
>
> We know that the actual version supports ASLR, ProPolice and NX. We
> have already disabled ProPolice (using LOCAL_CFLAGS := -fno-stack-protector
> in the Makefile); ASLR is not a problem because our simple
> shellcode doesn't jump to external code pieces: it calls the needed
> syscalls through their identifiers. The problem is that we aren't able
> to make the process stack executable! We don't know if and how it is
> possible.
>
> In order to test our shellcode, we tried on an old version of Android,
> the 1.5 (where the stack was executable) and it works fine.
>
> Our configuration is the following:
> * Eclipse Java EE IDE for Web Developers version 3.7.1 Indigo (32
> bit) on a Windows 7 box.
> * Android SDK  revision 16.
> * Android 4.0.3 Ice Cream Sandwich with API level 15.
> * Android NDK release 7.
> * The Android Virtual Device virtualizes a Cortex-A8 based on ARMv7.
> * For the debugging we are working with the Eclipse plugin: Keil ARM
> Development Studio 5 Community Edition version 5.8.
>
> Is there someone who can help us?
>
> Thank you in advance!
>
> Antonio and Christian
>
> --
> You received this message because you are subscribed to the Google Groups
> "Android Security Discussions" group.
> To post to this group, send email to
> [email protected].
> To unsubscribe from this group, send email to
> [email protected].
> For more options, visit this group at
> http://groups.google.com/group/android-security-discuss?hl=en.
>
>


-- 
Nick Kralevich | Android Security | [email protected] | 650.214.4037
