Libsafe - Safety Check Bypass Vulnerability (Proof of Concept Exploit & Time Randomization to Thwart It)

tagatac/libsafe-CVE-2005-1125

Libsafe only works on 32-bit architectures

1) make build: Builds Libsafe, compiles the proof of concept exploit
	'thread', and compiles the library interposition code 'interpose.so'.
   make random MAX_DELAY=x: Randomizes the interposed delays in 'interpose.so'
	with maximum delay MAX_DELAY per interposition.
2) bug.sh: Runs the PoC exploit 'thread' in an environment that preloads
	Libsafe.
3) repeatbug.py: Runs bug.sh 1000 times and reports the number of times that
	Libsafe worked properly.
4) bug-interpose.sh: Runs the PoC exploit in an environment that preloads
	Libsafe as well as the library interposition code 'interpose.so'.
5) repeatbug-interpose.py: Runs bug-interpose.sh 1000 times and reports the
	number of times that Libsafe worked properly.
6) gen_interpose.py: Generates interpose.c based off the function prototypes
	listed in 'func_names.txt'.
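
An added sketch, not the repository's gen_interpose.py, of how a generator like the one in item 6 can turn function prototypes into preloadable wrappers that sleep a random interval of at most MAX_DELAY before forwarding the call to the next definition of the symbol. The one-prototype-per-entry input with named parameters, the microsecond unit for MAX_DELAY, and the names parse_prototype and generate_interpose are assumptions.

```python
import re

# Constructed sample input; the real layout of func_names.txt is an assumption.
SAMPLE_PROTOTYPES = ["char *strcpy(char *dest, const char *src)",
                     "char *gets(char *s)"]

PROTO_RE = re.compile(
    r"^\s*(?P<ret>.+?[\s*])(?P<name>\w+)\s*\((?P<params>.*)\)\s*;?\s*$")

PREAMBLE = """#define _GNU_SOURCE
#include <dlfcn.h>
#include <stdlib.h>
#include <unistd.h>
#ifndef MAX_DELAY
#define MAX_DELAY %d /* assumed unit: microseconds */
#endif
static void random_delay(void) { usleep(rand() %% (MAX_DELAY + 1)); }
"""

WRAPPER = """
%(ret)s %(name)s(%(params)s) {
    static %(ret)s (*real)(%(params)s);
    if (!real) real = dlsym(RTLD_NEXT, "%(name)s"); /* next symbol in link order */
    random_delay();
    %(call)sreal(%(args)s);
}
"""

def parse_prototype(proto):
    """Split 'ret name(params)' into (ret, name, params, [argument names])."""
    m = PROTO_RE.match(proto)
    if not m:
        raise ValueError("unrecognised prototype: %r" % proto)
    ret, name, params = (m.group(g).strip() for g in ("ret", "name", "params"))
    if params in ("", "void"):
        return ret, name, "void", []
    if "..." in params or "(" in params:
        raise ValueError("variadic/function-pointer parameters need a manual wrapper")
    args = [re.search(r"(\w+)\s*(?:\[\s*\d*\s*\])?$", p.strip()).group(1)
            for p in params.split(",")]
    return ret, name, params, args

def generate_interpose(prototypes, max_delay=100):
    """Return C source for an LD_PRELOAD library wrapping each prototype."""
    out = [PREAMBLE % max_delay]
    for proto in prototypes:
        ret, name, params, args = parse_prototype(proto)
        call = "" if ret == "void" else "return "
        out.append(WRAPPER % dict(ret=ret, name=name, params=params,
                                  call=call, args=", ".join(args)))
    return "".join(out)
```
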
