locating default signal handler for SIGSEGV

From: Devrat Mittal (u02113_at_cs.unipune.ernet.in)
Date: 12/08/03

  • Next message: Scovetta, Michael V: "RE: Internet Explorer JavaScript insecure function"
    Date: Mon, 8 Dec 2003 17:51:32 +0530 (IST)
    To: vuln-dev@securityfocus.com
    
    

    hi ppl,
    Can anyone tell me how can I locate the signal handler for SIGSEGV,
    so that I can call it directly. The reason: I have a proftpd-1.2.7 binary,
    on which I am using the proftpd \n processing bug exploit, & i am trying
    to locate the correct offset (ret address) for it. So the daemon does do a
    segfault & it has a handler installed for it. So it displays

    Proftpd terminating (signal 11)...

    Problem is I cant run the code under gdb as the segfault fails to occur if
    i debug the binary, further i cant recompile the binary at all as that
    also changes addresses & the segfault fails to occur. My goal is to
    somehow call the default signal handler (to get a core dump) & then
    analyze the program to see where the shellcode was placed.

    Plz help me coz there aint no hackers here whom i can consult.

    -- 
    Devrat Mittal
    M.tech 2nd year
    Department of computer Science, 
    Pune University, 
    Pune, 
    India.
    

  • Next message: Scovetta, Michael V: "RE: Internet Explorer JavaScript insecure function"