nccgroup / asafw

Set of scripts to deal with Cisco ASA firmware [pack/unpack etc.]
BSD 3-Clause "New" or "Revised" License

use kernel parameter "norandmaps" to disable ASLR for the newest images #12

Closed cq674350529 closed 5 years ago

cq674350529 commented 5 years ago

Try to fix https://github.com/nccgroup/asafw/issues/8

For the latest images, the original method to disable ASLR doesn't work because the file /proc/sys/kernel/randomize_va_space is read-only.

So use the kernel parameter norandmaps to disable ASLR instead.

Reference: https://www.kernel.org/doc/html/v4.19/admin-guide/kernel-parameters.html

norandmaps: Don't use address space randomization. Equivalent to echo 0 > /proc/sys/kernel/randomize_va_space

The drawback is that it conflicts with the --root option.

I have tested it with image asav9-12-1.qcow2, which seems to work well.

# ls -l /proc/sys/kernel/randomize_va_space
ls -l /proc/sys/kernel/randomize_va_space
-r--r--r-- 1 root root 0 Mar 22 09:18 /proc/sys/kernel/randomize_va_space
# cat /proc/sys/kernel/randomize_va_space
cat /proc/sys/kernel/randomize_va_space
0

saidelike commented 5 years ago

Your PR is really sane. Thanks for this, much appreciated. I'll add 2 minor changes to it in a minute.
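
The check from the first comment's transcript (a read-only randomize_va_space reading 0), as an added example that is not asafw's code: it reports the ASLR value, whether the sysctl file is writable, and whether the norandmaps boot parameter explains a value of 0. The function names, output format and cause labels are assumptions made for this example, and the sample files are constructed.

```sh
#!/bin/sh
# Added example (not asafw code): report whether ASLR is off in a booted
# Linux guest and whether the norandmaps boot parameter is the cause.
# File paths are arguments so the logic can run against constructed files.

# True if the command-line file holds the standalone token "norandmaps".
has_norandmaps() {
    line=$(cat "$1") || return 2
    case " $line " in
        *" norandmaps "*) return 0 ;;
        *) return 1 ;;
    esac
}

# Append norandmaps to a command-line string exactly once (idempotent).
add_norandmaps() {
    case " $1 " in
        *" norandmaps "*) printf '%s\n' "$1" ;;
        *) printf '%s norandmaps\n' "$1" ;;
    esac
}

# Print "aslr=<n> cause=<boot-param|runtime|none> sysctl=<rw|ro>".
aslr_report() {
    cmdline=${1:-/proc/cmdline}
    knob=${2:-/proc/sys/kernel/randomize_va_space}
    value=$(cat "$knob") || return 2
    # Read the mode string as ls prints it (the page shows -r--r--r--);
    # "test -w" run as root reports regular files writable regardless of mode.
    case $(ls -ld "$knob" | cut -c1-10) in
        *w*) mode=rw ;;
        *) mode=ro ;;
    esac
    if [ "$value" != 0 ]; then
        cause=none          # ASLR is still enabled
    elif has_norandmaps "$cmdline"; then
        cause=boot-param    # disabled at boot by norandmaps
    else
        cause=runtime       # assumption: 0 was written after boot
    fi
    printf 'aslr=%s cause=%s sysctl=%s\n' "$value" "$cause" "$mode"
}

# Demo on constructed files mirroring the transcript above.
demo=$(mktemp -d)
printf 'console=ttyS0 norandmaps\n' > "$demo/cmdline"   # constructed
printf '0\n' > "$demo/knob"; chmod 444 "$demo/knob"
aslr_report "$demo/cmdline" "$demo/knob"   # aslr=0 cause=boot-param sysctl=ro
rm -rf "$demo"
```

Called with no arguments inside the guest, aslr_report reads /proc/cmdline and /proc/sys/kernel/randomize_va_space directly.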