4 lines
482 B
Plaintext
4 lines
482 B
Plaintext
ASLR randomizes the base addresses of memory segments like the stack and shared libraries on every execution.
|
|
To defeat it an information leak vulnerability is usually required to read a valid memory address at runtime.
|
|
Since ASLR only shifts the memory regions as a whole, the relative offsets between functions remain constant.
|
|
By leaking a single pointer the base address can be calculated, which allows computing the exact runtime location of the target function or ROP gadgets. |