=======================================================.
A High Efficient Protection against Brute-force Attacks
=======================================================.
- Zhilong Wang [email protected]
- Xuhua Ding [email protected]
- Chengbin Pang [email protected]
- Jian Guo [email protected]
- Jun Zhu [email protected]
- Bing Mao [email protected]
If you used our code, please cite our paper.
To Detect Stack Buffer Overflow with Polymorphic Canaries
@inproceedings{polymorphiccanaries,
author = {Z. Wang and X. Ding and C. Pang and J. Guo and J. Zhu and B. Mao},
booktitle = {2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)},
title = {To Detect Stack Buffer Overflow with Polymorphic Canaries},
year = {2018},
volume = {00},
number = {},
pages = {243-254},
keywords={Security;Runtime;Instruments;Force;Tools;Instruction sets},
doi = {10.1109/DSN.2018.00035},
url = {doi.ieeecomputersociety.org/10.1109/DSN.2018.00035},
ISSN = {2158-3927},
month={Jun}
}
For program with source code.
# build runtime environment
$ cd /Runtime Environment
$ make
Make your choose according your needs.
# build LLVM pass
$ mkdir build && cd build
$ cmake ..
$ make
$ cd Compiler based Implementation/P-SSP
$ make
# build gcc plugin(if your compiler is GCC)
$ mkdir build && cd build
$ cmake ..
$ make
$ cd Compiler based Implementation/P-SSP
$ make
# For small program, compile your application with the following (GNU GCC) flags:
$ gcc -fstack-protector -fplugin=<PROJECT_SOURCE_DIR>/GCC_PLUGIN/PolymorphicCanaries.so test.c -o test
# For larger projects, adding `-fstack-protector',`-fno-omit-frame-pointer', and `-fplugin=<PROJECT_SOURCE_DIR>/GCC_PLUGIN/PolymorphicCanaries.so' to `CFLAGS'.
# For small program, compile your application with the following flags:
$ clang -Xclang -load -Xclang <PROJECT_SOURCE_DIR>/Compiler based Implementation/P-SSP/libStackDoubleProtector.so test.c -o test
# For larger projects, adding `-Xclang -load -Xclang <PROJECT_SOURCE_DIR>/Compiler based Implementation/P-SSP/libStackDoubleProtector.so' to `CFLAGS'.
# run
$ export LD_PRELOAD=<PROJECT_SOURCE_DIR>/Runtime Environment/LIBPolymorphicCanaries.so
$ ./yourprogram
For program without source code.
# Build runtime environment
$ cd Binary based implementation/dynamic linked proram/
$ make
# Rewrite your programs
$ ./Binary based implementation/dynamic linked proram/InstrumentationCode yourprogram
# Run your program with PSSP
$ export LD_PRELOAD=<PROJECT_SOURCE_DIR>/Runtime Environment/LIBPolymorphicCanaries.so
$ ./yourprogram