ASLR
Address Space Layout Randomization
ASLR randomizes the stack and heap addresses.
aslr on
aslr off
On 32-bit, it can be disabled with
ulimit -s unlimited
The reason is as follows: Many attacks on ASLR exist, including brute force, even on 64-bit systems. http://www.tapironline.no/last-ned/1081
solution
- ret2libc
- On 32-bit
libc.so.6 => /lib/i386-linux-gnu/libc.so.6 (0xf7 _ _ _ 000)
Usually only 3 digits change, so the address can be brute-forced.
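To check how much of the libc base actually moves on a given system, the following added example (not part of the original notes) parses repeated `ldd` output and reports which address bits vary. The sample addresses and all function names are constructed for illustration and follow the `0xf7___000` pattern above.

```python
import re

# Constructed sample: `ldd` output for a 32-bit binary over several runs
# (addresses are made up to match the 0xf7___000 pattern in the notes).
SAMPLE_LDD = """\
	libc.so.6 => /lib/i386-linux-gnu/libc.so.6 (0xf7d5a000)
	libc.so.6 => /lib/i386-linux-gnu/libc.so.6 (0xf72a5000)
	libc.so.6 => /lib/i386-linux-gnu/libc.so.6 (0xf7e13000)
	libc.so.6 => /lib/i386-linux-gnu/libc.so.6 (0xf7d5a000)
"""

LIBC_LINE = re.compile(r"libc\.so\.6\s+=>\s+\S+\s+\(0x([0-9a-fA-F]+)\)")

def libc_bases(ldd_text):
    """Extract every libc load address found in ldd output."""
    return [int(m.group(1), 16) for m in LIBC_LINE.finditer(ldd_text)]

def varying_mask(bases):
    """Bits that differ between samples: a lower bound on the randomized bits,
    since a small sample may not exercise every random bit."""
    mask = 0
    for b in bases[1:]:
        mask |= b ^ bases[0]
    return mask

def entropy_report(bases):
    """Summarize observed randomization: mask, bit count, number of candidate bases."""
    mask = varying_mask(bases)
    bits = bin(mask).count("1")
    return {"mask": mask, "bits": bits, "candidates": 1 << bits,
            "page_aligned": all(b & 0xFFF == 0 for b in bases)}

def hit_probability(bits, attempts):
    """Chance that one fixed guess is correct at least once over `attempts`
    runs, each with a freshly randomized base."""
    return 1 - (1 - 2.0 ** -bits) ** attempts

if __name__ == "__main__":
    r = entropy_report(libc_bases(SAMPLE_LDD))
    print(f"varying mask 0x{r['mask']:08x}, {r['bits']} bits, "
          f"{r['candidates']} candidates, page aligned: {r['page_aligned']}")
    print(f"P(hit within 4096 runs) = {hit_probability(r['bits'], 4096):.2f}")
```

An identical base on every run (mask 0, 0 bits) means randomization is off for that process; every wrong guess ends in a crash, so a burst of segfaults from one service is the signal to alert on.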
References
http://security.cs.pub.ro/hexcellents/wiki/kb/exploiting/home#address-space-layout-randomization