Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

The never ending problems of local ASLR holes in Linux - 153

blazeinfosec, posted 6 years ago
  • Address Space Layout Randomization (ASLR) is a defense-in-depth security mechanism that randomizes the memory locations of the stack, heap and other data regions (though not the code itself). It is built into the kernel of most OSes to raise the bar for exploitation: if a memory disclosure (info leak) cannot be found, exploitation is almost impossible (unless you're Google).
  • Although ASLR has mitigated a ton of remote attacks, locally it has been a recurring problem.
  • Several exploits have been written that leak pointers and other sensitive information by reading the process information the OS exposes. This article goes over these exploits in chronological order.