{"id":18,"date":"2012-11-28T14:16:31","date_gmt":"2012-11-28T01:16:31","guid":{"rendered":"http:\/\/micro.muppetz.com\/blog\/?p=18"},"modified":"2015-02-04T14:37:44","modified_gmt":"2015-02-04T01:37:44","slug":"paxtest-grsecurity-vs-vanilla-kernel","status":"publish","type":"post","link":"https:\/\/micro.muppetz.com\/blog\/2012\/11\/28\/paxtest-grsecurity-vs-vanilla-kernel\/","title":{"rendered":"Paxtest: grsecurity vs vanilla kernel"},"content":{"rendered":"

Vanilla Kernel<\/span>
\n
\ntimh@Jumphost-Lab:~$ paxtest blackhat
\nPaXtest - Copyright(c) 2003,2004 by Peter Busser <peter@adamantix.org> Released under the GNU Public Licence version 2 or later
\nWriting output to \/home\/timh\/paxtest.log
\nIt may take a while for the tests to complete
\nTest results:
\nPaXtest - Copyright(c) 2003,2004 by Peter Busser <peter@adamantix.org> Released under the GNU Public Licence version 2 or later
\nMode: Blackhat
\nLinux Jumphost-Lab 3.2.0-29-generic 46-Ubuntu SMP Fri Jul 27 17:03:23 UTC 2012 x86_64 x86_64 x86_64 GNU\/Linux
\nExecutable anonymous mapping : Killed
\nExecutable bss : Killed
\nExecutable data : Killed
\nExecutable heap : Killed
\nExecutable stack : Killed
\nExecutable shared library bss : Killed
\nExecutable shared library data : Killed
\nExecutable anonymous mapping (mprotect) : Vulnerable
\nExecutable bss (mprotect) : Vulnerable
\nExecutable data (mprotect) : Vulnerable
\nExecutable heap (mprotect) : Vulnerable
\nExecutable stack (mprotect) : Vulnerable
\nExecutable shared library bss (mprotect) : Vulnerable
\nExecutable shared library data (mprotect): Vulnerable
\nWritable text segments : Vulnerable
\nAnonymous mapping randomisation test : 9 bits (guessed)
\nHeap randomisation test (ET_EXEC) : 14 bits (guessed)
\nHeap randomisation test (PIE) : 16 bits (guessed)
\nMain executable randomisation (ET_EXEC) : No randomisation
\nMain executable randomisation (PIE) : 8 bits (guessed)
\nShared library randomisation test : 10 bits (guessed)
\nStack randomisation test (SEGMEXEC) : 19 bits (guessed)
\nStack randomisation test (PAGEEXEC) : 19 bits (guessed)
\nReturn to function (strcpy) : Vulnerable
\nReturn to function (memcpy) : Killed
\nReturn to function (strcpy, PIE) : Vulnerable
\nReturn to function (memcpy, PIE) : Killed
\nGrsecurity\/PaX hardened kernel
\n<\/code>
\nGrsecurity Enabled Kernel<\/span>
\n
\ntim@beaker ~> paxtest blackhat
\nPaXtest - Copyright(c) 2003,2004 by Peter Busser <peter@adamantix.org> Released under the GNU Public Licence version 2 or later
\nWriting output to paxtest.log
\nIt may take a while for the tests to complete
\nTest results:
\nPaXtest - Copyright(c) 2003,2004 by Peter Busser <peter@adamantix.org> Released under the GNU Public Licence version 2 or later
\nMode: blackhat
\nLinux beaker 3.6.8-grsec 1 SMP Wed Nov 28 09:30:28 NZDT 2012 i686 GNU\/Linux
\nExecutable anonymous mapping : Killed
\nExecutable bss : Killed
\nExecutable data : Killed
\nExecutable heap : Killed
\nExecutable stack : Killed
\nExecutable anonymous mapping (mprotect) : Killed
\nExecutable bss (mprotect) : Killed
\nExecutable data (mprotect) : Killed
\nExecutable heap (mprotect) : Killed
\nExecutable shared library bss (mprotect) : Killed
\nExecutable shared library data (mprotect): Killed
\nExecutable stack (mprotect) : Killed
\nAnonymous mapping randomisation test : 18 bits (guessed)
\nHeap randomisation test (ET_EXEC) : 22 bits (guessed)
\nHeap randomisation test (ET_DYN) : 24 bits (guessed)
\nMain executable randomisation (ET_EXEC) : 18 bits (guessed)
\nMain executable randomisation (ET_DYN) : 18 bits (guessed)
\nShared library randomisation test : 18 bits (guessed)
\nStack randomisation test (SEGMEXEC) : 24 bits (guessed)
\nStack randomisation test (PAGEEXEC) : 24 bits (guessed)
\nReturn to function (strcpy) : Vulnerable
\nReturn to function (strcpy, RANDEXEC) : Vulnerable
\nReturn to function (memcpy) : Vulnerable
\nReturn to function (memcpy, RANDEXEC) : Vulnerable
\nExecutable shared library bss : Killed
\nExecutable shared library data : Killed
\nWritable text segments : Killed
\n<\/code><\/p>\n","protected":false},"excerpt":{"rendered":"

Vanilla Kernel timh@Jumphost-Lab:~$ paxtest blackhat PaXtest – Copyright(c) 2003,2004 by Peter Busser <peter@adamantix.org> Released under the GNU Public Licence version 2 or later Writing output to \/home\/timh\/paxtest.log It may take a while for the tests to complete Test results: PaXtest – Copyright(c) 2003,2004 by Peter Busser <peter@adamantix.org> Released under the GNU Public Licence version 2 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17,18,10],"tags":[19,21,20],"class_list":["post-18","post","type-post","status-publish","format-standard","hentry","category-grsecurity","category-security","category-technical","tag-grsec","tag-linux","tag-security"],"_links":{"self":[{"href":"https:\/\/micro.muppetz.com\/blog\/wp-json\/wp\/v2\/posts\/18","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/micro.muppetz.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/micro.muppetz.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/micro.muppetz.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/micro.muppetz.com\/blog\/wp-json\/wp\/v2\/comments?post=18"}],"version-history":[{"count":3,"href":"https:\/\/micro.muppetz.com\/blog\/wp-json\/wp\/v2\/posts\/18\/revisions"}],"predecessor-version":[{"id":115,"href":"https:\/\/micro.muppetz.com\/blog\/wp-json\/wp\/v2\/posts\/18\/revisions\/115"}],"wp:attachment":[{"href":"https:\/\/micro.muppetz.com\/blog\/wp-json\/wp\/v2\/media?parent=18"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/micro.muppetz.com\/blog\/wp-json\/wp\/v2\/categories?post=18"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/micro.muppetz.com\/blog\/wp-json\/wp\/v2\/tags?post=18"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}