[eli5] Address Space Layout Randomization (ASLR)



The whole idea of ASLR is to protect against buffer overflow by allowing applications to load at a different memory location each time they are run?

In: Technology


This sounds very confusing and complicated to implement but if you understand the concept of virtual memory it makes a lot more sense.

ASLR doesn’t prevent buffer overflows – it just makes it harder to exploit them to perform code execution.

When I exploit a buffer overflow, what I’m most likely doing is overwriting the parts of the stack containing the *return address* with custom addresses of my choosing.

If I don’t know what addresses to write into the stack, I can’t figure out how to make the program jump where I want it to jump!

1. The hacker writes malicious code into memory but it doesn’t do anything until it’s executed

2. The hacker wants to set the return pointer to point to the malicious code so that the computer will execute that malicious code

3. If the address space is randomized, then it’s harder to know where the malicious code got stored in memory so it’s harder to get the victim’s computer to execute it
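The three steps above, as an added example in C that is not part of the original post or thread: the program prints where its stack, heap, code and libc ended up so you can run it twice and watch the addresses move, and it carries the small address arithmetic that explains the answer's "harder, not impossible". Assumptions: Linux on x86-64 with 4 KiB pages, built with `gcc -O0 -o aslr aslr.c`; the two "runs" fed to `constructed_runs_differing_bits()` are made-up sample values, not real captures, and the `region_base`/`rebase` helpers model what an attacker does with a leaked address, not any specific exploit.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Number of bits that differ between two addresses of the same object
   observed in two separate runs: a rough measure of how much an attacker
   who has to guess the address must get right. */
static int differing_bits(uintptr_t a, uintptr_t b)
{
    uintptr_t x = a ^ b;
    int n = 0;
    while (x) {
        n += (int)(x & 1u);
        x >>= 1;
    }
    return n;
}

/* ASLR slides whole regions by a page-aligned amount (assumption: 4 KiB
   pages, the usual x86-64 Linux case), so the low 12 bits of a given
   symbol's address are the same in every run. Returns 1 when two
   observations agree on those bits, as two runs of one symbol should. */
static int same_page_offset(uintptr_t a, uintptr_t b)
{
    return (a & 0xfffu) == (b & 0xfffu);
}

/* Why ASLR only makes exploitation harder: one leaked address plus that
   symbol's offset inside its region (readable from the binary on disk)
   gives the region base, and from the base every other address in the
   region follows. Both helpers are illustrative, not any library's API. */
static uintptr_t region_base(uintptr_t leaked_addr, uintptr_t leaked_offset)
{
    return leaked_addr - leaked_offset;
}

static uintptr_t rebase(uintptr_t leaked_addr, uintptr_t leaked_offset,
                        uintptr_t target_offset)
{
    return region_base(leaked_addr, leaked_offset) + target_offset;
}

/* Two constructed observations of the same stack variable, standing in
   for two runs of this program (sample values, not real captures). */
static int constructed_runs_differing_bits(void)
{
    const uintptr_t run1 = (uintptr_t)0x7ffd2c1a5a3cULL;
    const uintptr_t run2 = (uintptr_t)0x7ffe9f70ea3cULL;
    return differing_bits(run1, run2);
}

int main(void)
{
    int stack_var = 0;
    void *heap = malloc(16);

    /* Run the binary several times: with ASLR on, every line changes.
       On Linux, `setarch $(uname -m) -R ./aslr` runs it with ASLR off,
       and the addresses then repeat from run to run. */
    printf("stack  %p\n", (void *)&stack_var);
    printf("heap   %p\n", heap);
    printf("code   %p\n", (void *)(uintptr_t)main);
    printf("libc   %p\n", (void *)(uintptr_t)printf);
    printf("\nbits differing between the two constructed runs: %d\n",
           constructed_runs_differing_bits());
    free(heap);
    return 0;
}
```

The page-offset check is the practical caveat: because randomization is page-granular, the last three hex digits of a symbol never change, so a partial overwrite of a return address that touches only those bytes does not need to beat ASLR at all, and a single leaked pointer collapses the rest of the guesswork to the subtraction in `region_base`.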