Exploiting Linux and PaX ASLR’s weaknesses on 32-bit and 64-bit systems
暂无分享,去创建一个
Address Space Layout Randomization is a very effective mitigation technique. The first implementation was done by the PaX team in 2001, and since then it has been the most advanced and secure. We have analyzed the PaX an Linux implementations, and found several weaknesses. We have carried out a deep review and analysis of all constraints that determine ASLR operation. Based on these results we have designed and implemented a novel ASLR called ASLR-NG, which maximized the entropy (security) and does not introduce fragmentation (compatibility). ASLR-NG is specially suitable for 32-bit systems because of their intrinsic reduced VMA size. We have developed ASLRA, a tool to analyze the quality of the ASLR. This tool shows that ASLR-NG outperforms PaX ASLR in all aspects.
[1] Hector Marco Gisbert,et al. On the Effectiveness of Full-ASLR on 64-bit Linux , 2014 .
[2] Paul R. Wilson,et al. The memory fragmentation problem: solved? , 1998, ISMM '98.