Is there anyone experienced with systrace who might be able to answer the follow question?!
I am looking to run an exploit under systrace. The exploit is a ctorrent exploit
and it is found at
http://www.milw0rm.com/exploits/8470. ctorrent is a torrent
application and the exploit is a python script which coverts a torrent file to
a malicious torrent which, when run by ctorrent, causes a buffer overflow
attack and a Segmentation fault message appears. I have successfully run the
exploit using ctorrent and get the appropriate message, however, when I run it
using systrace while enforcing a policy I don't get the Segmentation fault
message, and I don't get any log errors, but a multitude of system calls are
being performed and the actions completes.
I have also changed the policy to remove permissions of a system call which the
exploit requires, and when run under systrace -a, it logs this error and an
error messages comes up saying the operation can not be performed. It seems to
me as if the action is taking place, however the Segmentation fault message
simply isn't being displayed... but this doesn't make sense to me...
Is there any information or help that you could provide me with to help me
conclude whether or not the exploit is being properly executed, and a message
just isn't being displayed?