Presentation is loading. Please wait.

Presentation is loading. Please wait.

Address Space Layout Randomization (ASLR) Dirk Gordon

Published byΠαλλάς Αποστολίδης Modified over 6 years ago

Similar presentations

Presentation on theme: "Address Space Layout Randomization (ASLR) Dirk Gordon"— Presentation transcript:

1 Address Space Layout Randomization (ASLR) Dirk Gordon

2 Implementation (32 bit) Windows Vista Linux 2.6.12
8 (28 = 256) bits of randomization Linux 16 (216 = 65536) bits of randomization

3 Process Memory ASLR_DEMO memory layout Buffer 4 bytes EBP 4 bytes
Return Address 4 bytes

4 Process Memory ASLR_DEMO memory layout Buffer AAAA 4 bytes EBP 4 bytes
Return Address \x00\x00\x00\x00 4 bytes

5 Process Memory ASLR_DEMO memory layout Buffer AAAA 4 bytes EBP 4 bytes
Points to System() System() Address 4 bytes System() Return Address Points to Exit() 4 bytes Binary to execute System() Parameter 4 bytes

Download ppt "Address Space Layout Randomization (ASLR) Dirk Gordon"

Similar presentations

Topics Working Set Background Working Set Aging/Trimming.

Topics Working Set Background Working Set Aging/Trimming.
PICAXE Memory.

PICAXE Memory.
Defenses. Preventing hijacking attacks 1. Fix bugs: – Audit software Automated tools: Coverity, Prefast/Prefix. – Rewrite software in a type safe languange.

Defenses. Preventing hijacking attacks 1. Fix bugs: – Audit software Automated tools: Coverity, Prefast/Prefix. – Rewrite software in a type safe languange.
David Brumley Carnegie Mellon University Credit: Some slides from Ed Schwartz.

David Brumley Carnegie Mellon University Credit: Some slides from Ed Schwartz.
Part III Counter measures The best defense is proper bounds checking but there are many C/C++ programmers and some are bound to forget  Are there any.

Part III Counter measures The best defense is proper bounds checking but there are many C/C++ programmers and some are bound to forget  Are there any.
Review: Software Security David Brumley Carnegie Mellon University.

Review: Software Security David Brumley Carnegie Mellon University.
Framing Signals— A Return to Portable Shellcode

Framing Signals— A Return to Portable Shellcode
A Buffer Overflow Example João Paulo Magalhães 2009.

A Buffer Overflow Example João Paulo Magalhães 2009.
CS 153 Design of Operating Systems Spring 2015 Lecture 19: Page Replacement and Memory War.

CS 153 Design of Operating Systems Spring 2015 Lecture 19: Page Replacement and Memory War.
Software and Security Buffer Overflow 1.

Software and Security Buffer Overflow 1.
Engineering Problem Solving With C++ An Object Based Approach Fundamental Concepts Chapter 1 Engineering Problem Solving.

Engineering Problem Solving With C++ An Object Based Approach Fundamental Concepts Chapter 1 Engineering Problem Solving.
1 Engineering Problem Solving With C++ An Object Based Approach Fundamental Concepts Chapter 1 Engineering Problem Solving.

1 Engineering Problem Solving With C++ An Object Based Approach Fundamental Concepts Chapter 1 Engineering Problem Solving.
Andrea Bittau, Adam Belay, Ali Mashtizadeh, David Maziéres, Dan Boneh

Andrea Bittau, Adam Belay, Ali Mashtizadeh, David Maziéres, Dan Boneh
Chapter 2. Definition Characteristics ExamplesNon-examples Input Graphic.

Chapter 2. Definition Characteristics ExamplesNon-examples Input Graphic.
OllyDbg Debuger.

OllyDbg Debuger.

How to ? Subnetting. Scenario How Many Networks? 2 How Many Network addresses are required? 2 Addresses Used: 192.168.10.0 subnet mask 255.255.255.0 192.168.20.0.

How to ? Subnetting. Scenario How Many Networks? 2 How Many Network addresses are required? 2 Addresses Used: subnet mask
Paging Examples Assume a page size of 1K and a 15-bit logical address space. How many pages are in the system?

Paging Examples Assume a page size of 1K and a 15-bit logical address space. How many pages are in the system?
COS 598: Advanced Operating System. Operating System Review What are the two purposes of an OS? What are the two modes of execution? Why do we have two.

COS 598: Advanced Operating System. Operating System Review What are the two purposes of an OS? What are the two modes of execution? Why do we have two.
Buffer Overflows : An In-depth Analysis. Introduction Buffer overflows were understood as early as 1972 The legendary Morris Worm made use of a Buffer.

Buffer Overflows : An In-depth Analysis. Introduction Buffer overflows were understood as early as 1972 The legendary Morris Worm made use of a Buffer.

Similar presentations

Ads by Google