Address space layout randomization (ASLR) is a defense mechanism developed by the PaX project against buffer overflow attacks. This memory-protection technique randomizes the location at which the executable is loaded in memory: as we learned in the previous sections, if locations are predictable, then system exploitation is easy. It started as a Linux patch in 2001, but was later integrated into many other operating systems. ASLR can be defeated using the following techniques:
- Brute-forcing all 256 possible addresses until the exploit works
- Generating a block of NOPs (a NOP sled) until we land on a legitimate memory address
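As an added defender-side check (not code from the original article): ASLR can only relocate the main executable if it was linked as a position-independent executable (ELF type ET_DYN), and on Linux the kernel setting randomize_va_space decides whether randomization is on at all. The script below reads both; make_header builds constructed sample ELF headers so it can be exercised offline.

```python
import struct
from pathlib import Path
from typing import Optional

ELF_MAGIC = b"\x7fELF"
ET_EXEC, ET_DYN = 2, 3          # e_type values: fixed-address executable vs. position-independent


def elf_type(header: bytes) -> int:
    """Return e_type from an ELF header (offset 16, endianness taken from EI_DATA at byte 5)."""
    if len(header) < 18 or header[:4] != ELF_MAGIC:
        raise ValueError("not an ELF image")
    endian = "<" if header[5] == 1 else ">"   # EI_DATA: 1 = little-endian, 2 = big-endian
    return struct.unpack_from(endian + "H", header, 16)[0]


def is_pie(header: bytes) -> bool:
    """True when the binary is ET_DYN, i.e. ASLR can randomize its load base; ET_EXEC is pinned."""
    return elf_type(header) == ET_DYN


def aslr_level(path: str = "/proc/sys/kernel/randomize_va_space") -> Optional[int]:
    """Kernel ASLR setting: 0 = off, 1 = stack/mmap/vdso, 2 = also brk. None if not readable."""
    try:
        return int(Path(path).read_text().strip())
    except (OSError, ValueError):
        return None


def make_header(e_type: int, little_endian: bool = True) -> bytes:
    """Construct a minimal 64-byte ELF64 header with the given e_type (sample input, not a real file)."""
    endian = "<" if little_endian else ">"
    # e_ident: magic, EI_CLASS=2 (64-bit), EI_DATA, EI_VERSION=1, then OS ABI/pad bytes
    ident = ELF_MAGIC + bytes([2, 1 if little_endian else 2, 1]) + bytes(9)
    # e_type, e_machine (x86-64), e_version, entry/phoff/shoff, flags, ehsize=64, remaining sizes/counts
    return ident + struct.pack(endian + "HHIQQQIHHHHHH",
                               e_type, 0x3E, 1, 0, 0, 0, 0, 64, 0, 0, 0, 0, 0)


def report(binary: str) -> str:
    """Human-readable summary for a real file on disk, e.g. /bin/ls."""
    hdr = Path(binary).read_bytes()[:64]
    return f"{binary}: PIE={is_pie(hdr)} kernel randomize_va_space={aslr_level()}"


if __name__ == "__main__":
    import sys
    print(report(sys.argv[1] if len(sys.argv) > 1 else "/bin/ls"))
```

A binary reported as PIE=False keeps a fixed code base even with randomize_va_space=2, which is the predictable layout the techniques above rely on.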