overwriting .dtors using gcc 3

On Tue, 7 Oct 2003, DownBload wrote:

> Now we see .dynamic section between .data and .dtors section.  That
> section will be overflowed if we want to overflow .dtors, and that is
> not good.
> .dtors technique will still work for format string bugs, wild pointers
> etc.

You can try to solve this problem by setting LD_BIND_NOW=1 in the environment, to
force the dynamic linker to process all relocations before transferring
control to the program. See abo7-ex.c in:


Some other useful exploitation examples:




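Added example, not part of the original message or of abo7-ex.c: LD_BIND_NOW=1 requests eager binding at run time, and a binary linked with `-z now` records the same request in the .dynamic section discussed above. The check below walks a 32-bit .dynamic table and reports whether that request is present; the struct, macro and table names are assumptions chosen for this sketch, and the sample tables are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Tag and flag values from the ELF gABI and glibc's <elf.h>, renamed
 * here so the block compiles without that header. */
#define TAG_NULL     0           /* DT_NULL: end of the table  */
#define TAG_NEEDED   1           /* DT_NEEDED                  */
#define TAG_BIND_NOW 24          /* DT_BIND_NOW (older marker) */
#define TAG_FLAGS    30          /* DT_FLAGS                   */
#define TAG_FLAGS_1  0x6ffffffb  /* DT_FLAGS_1                 */
#define BIT_BIND_NOW 0x8         /* DF_BIND_NOW, in DT_FLAGS   */
#define BIT_1_NOW    0x1         /* DF_1_NOW, in DT_FLAGS_1    */

/* One 32-bit .dynamic entry (layout of Elf32_Dyn). */
struct dyn32 { int32_t tag; uint32_t val; };

/* 1: eager binding requested, 0: lazy, -1: no DT_NULL within n entries. */
int dynamic_requests_bind_now(const struct dyn32 *dyn, size_t n)
{
    int now = 0;
    for (size_t i = 0; i < n; i++) {
        switch (dyn[i].tag) {
        case TAG_NULL:     return now;
        case TAG_BIND_NOW: now = 1; break;
        case TAG_FLAGS:    if (dyn[i].val & BIT_BIND_NOW) now = 1; break;
        case TAG_FLAGS_1:  if (dyn[i].val & BIT_1_NOW) now = 1; break;
        default:           break;
        }
    }
    return -1; /* truncated or corrupted table */
}

/* Constructed sample tables, not taken from any real binary. */
static const struct dyn32 lazy_tbl[]   = { {TAG_NEEDED, 1}, {TAG_NULL, 0} };
static const struct dyn32 flags_tbl[]  = { {TAG_NEEDED, 1}, {TAG_FLAGS, BIT_BIND_NOW}, {TAG_NULL, 0} };
static const struct dyn32 flags1_tbl[] = { {TAG_FLAGS_1, BIT_1_NOW}, {TAG_NULL, 0} };
static const struct dyn32 broken_tbl[] = { {TAG_NEEDED, 1}, {TAG_NEEDED, 2} };

int main(void)
{
    printf("lazy=%d flags=%d flags1=%d broken=%d\n",
           dynamic_requests_bind_now(lazy_tbl, 2),
           dynamic_requests_bind_now(flags_tbl, 3),
           dynamic_requests_bind_now(flags1_tbl, 2),
           dynamic_requests_bind_now(broken_tbl, 2));
    return 0;
}
```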