Questions about this topic? Sign up to ask in the talk tab.

Difference between revisions of "ASLR"

From NetSec
Jump to: navigation, search
 
(2 intermediate revisions by one other user not shown)
Line 1: Line 1:
 
<b>A</b>ddress <b>S</b>pace <b>L</b>ayout <b>R</b>andomization
 
<b>A</b>ddress <b>S</b>pace <b>L</b>ayout <b>R</b>andomization
  
A [[runtime]] security measure that randomizes the [[memory addresses]] that programs load data and code into.  Usually implemented at the [[Operating System]] level, this will change the location of loaded code at each boot for libraries that are [[nx compliant]]. ASLR Bypass is typically achieved by exploiting a non [[nx compliant]] library in the context of an [[nx compliant]] operating system. You can disable ASLR on Linux (it's enabled by default on 2.6.* kernels) by typing:
+
ASLR is a [[runtime]] security measure that randomizes the [[memory addresses]] that programs load data and code into.  Usually implemented at the [[Operating System]] level, this will change the location of loaded code at each [[boot]] for libraries that are [[nx compliant]]. ASLR Bypass is typically achieved by exploiting a non [[nx compliant]] library in the context of an [[nx compliant]] operating system. It is possible to disable ASLR on [[Linux]] (it's enabled by default on 2.6.* kernels) by typing:
  
sudo echo 0 > /proc/sys/kernel/randomize_va_space
+
{{LinuxCMD|sudo echo 0 > /proc/sys/kernel/randomize_va_space}}
  
into your command line, note that you will need access to root.  
+
Into your command line, note that root access is required to do this.
  
 
[[ASLR]] is implemented in [[Linux]] Kernel 2.6*, Windows XP SP3 and the more recent versions (Vista, 7, and 8).
 
[[ASLR]] is implemented in [[Linux]] Kernel 2.6*, Windows XP SP3 and the more recent versions (Vista, 7, and 8).
 +
 +
 +
=== Related ===
 +
* [[DEP]]
  
 
[[Category:Countermeasures]]
 
[[Category:Countermeasures]]
  
 
{{countermeasures}}
 
{{countermeasures}}
{{cleanup}}{{expand}}{{wrongperson}}
+
{{expand}}

Latest revision as of 09:51, 25 August 2012

Address Space Layout Randomization

ASLR is a runtime security measure that randomizes the memory addresses that programs load data and code into. Usually implemented at the Operating System level, this will change the location of loaded code at each boot for libraries that are nx compliant. ASLR Bypass is typically achieved by exploiting a non nx compliant library in the context of an nx compliant operating system. It is possible to disable ASLR on Linux (it's enabled by default on 2.6.* kernels) by typing:

Terminal

localhost:~ $ sudo echo 0 > /proc/sys/kernel/randomize_va_space

Into your command line, note that root access is required to do this.

ASLR is implemented in Linux Kernel 2.6*, Windows XP SP3 and the more recent versions (Vista, 7, and 8).


Related

ASLR is part of a series on countermeasures.
This article contains too little information, it should be expanded or updated.
Things you can do to help:
  • add more content.
  • update current content.