Questions tagged [aslr]
Address space layout randomization (ASLR) is a computer security technique which involves randomly arranging the positions of key data areas, usually including the base of the executable and position of libraries, heap, and stack, in a process's address space.
199 questions
0 votes, 1 answer, 13 views
ASLR and address space for glibc
Take two functions in the libc.so.6 listing, for example:
setvbuf 0017a3f0
system 0014f760
The two are 0x2ac90 distant.
Upon execution with ASLR enabled, will the functions be called from ...
1 vote, 0 answers, 18 views
What is the correct way to use addr2line for a Linux PIE program?
We have raw addresses from a Linux program's call stack, but how do we use addr2line to convert the addresses if the program is a position-independent executable (PIE)?
In Windows, we can record the ...
-1 votes, 1 answer, 114 views
How do I fix this error: in PyCharm: The application was unable to start correctly (0xc0000005)
After doing a fresh install of PyCharm 2019.2.5 with Windows 10, I get this message
I tried to install it for a course I am taking but got stuck and it won't open the IDE. Even after uninstalling and ...
0 votes, 0 answers, 30 views
how to use virtual function in a kernel with ASLR enabled?
I'm writing my own kernel with Rust.
While I'm trying to relocate my kernel to some high virtual address (e.g. an offset +0xffffffff00000000), everything seems to work well except calling virtual ...
0 votes, 0 answers, 40 views
How to get invariant thread-stack address for GCC compiled executable?
My question is based on this tiny stkaddr.cpp program:
#include <stdio.h>
int main(int argc, char *argv[])
{
    printf("&argc = %p\n", &argc);
}
Using Visual Studio 2019, I ...
0 votes, 1 answer, 214 views
How debugger managed to disable ASLR
I have written a C program on a Linux computer which displays the main function's address.
ASLR seems to be enabled because the address is not the same if I launch the program several times.
I have tried to debug ...
0 votes, 0 answers, 136 views
Function address in executable (inspected by objdump) not matching the address of the same function printed by printf. What happens under the hood?
I'm on an Ubuntu (22.04.3) x86_64 system.
I know how virtual memory and pages work in general and I also know that systems can use ASLR.
However I'd like to know what exactly happens in an Ubuntu ...
0 votes, 1 answer, 104 views
How is ASLR supposed to work with coredumps?
I have a situation where a coredump (generated on a remote system) is not matching symbols in the .o file. I am suspecting this is due to ASLR. Unfortunately, I'm not sure how ASLR is supposed to ...
0 votes, 0 answers, 41 views
Is Windows ASLR session-based?
I've heard that Windows ASLR is session-based: A DLL would be relocated only once in each session, subsequent linking to the same DLL in the same session would reuse this cached relocation.
So I tried:...
1 vote, 0 answers, 22 views
Does ASLR randomize .data when the binary has no PIE? [duplicate]
I've been playing with a binary programmed in C that has a buffer overflow to investigate how the different binary protections work and I've run into a situation that I can't quite figure out.
I made ...
0 votes, 0 answers, 103 views
How to randomize address space at runtime for benchmarking purposes
I'm looking for a mechanism like ASLR for Linux in order to benchmark a distributed application while accounting for incidental layout changes. For background and motivation, see the Stabilizer paper.
...
3 votes, 1 answer, 460 views
Put a breakpoint with GDB in function without symbols
I debug a remote Linux process with GdbServer. And I want to put a breakpoint in some function.
The problem is that this process uses ASLR, so each time the process loads at another address. I can watch ...
1 vote, 0 answers, 961 views
How does gdb disable randomization for a single process?
I came from this link: Force gdb to load shared library at randomized address and I learned that gdb will disable ASLR for the current process.
But the only way I know to disable ASLR is to do it ...
0 votes, 0 answers, 36 views
I don't have the linker option in Visual Studio 2013. How to enable it? [duplicate]
I don't have the linker option in Visual Studio 2013.
How to enable it? My project is C#. I want to enable disable ASLR, DEP features for specific DLLs
I want to see the settings related to /DYNAMICBASE
...
1 vote, 0 answers, 287 views
When would it be useful to disable ASLR for a C application?
I understand the purpose and function of ASLR, and have disabled it for a few applications to exploit possible vulnerabilities, but are exploiting vulnerabilities in memory the only purpose of ...