dragons_ctf
Brute-forcing ASLR
• ASLR on popular 32-bit Linux distributions (e.g. Ubuntu) is inherently weak.
– ≤12 bits of main image base address entropy.
– ≤12 bits of libc image base address entropy.
– ≤12 bits of heap allocation entropy.
• Remote exploitation tasks can withstand multiple attempts.
• 4096 is definitely doable over the course of several minutes / hours.
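
A defender-side check of the entropy figures on this slide, as an added example that is not part of the original slides: it counts which address bits varied across sampled libc base addresses, then converts an entropy width into the number of candidate layouts and the time a restart-tolerant service takes to see them all at a given attempt rate. The sample addresses, the function names and the assumption that the layout stays fixed between attempts are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample: libc base addresses as they might be read from
 * /proc/<pid>/maps over six restarts of a 32-bit process (not real data). */
static const uint32_t SAMPLE_LIBC_BASES[] = {
    0xb7533000u, 0xb75e1000u, 0xb7612000u,
    0xb759c000u, 0xb7547000u, 0xb75ff000u,
};
#define SAMPLE_COUNT (sizeof SAMPLE_LIBC_BASES / sizeof SAMPLE_LIBC_BASES[0])

/* Mask of the address bits that differed anywhere in the sample set. */
uint32_t varying_mask(const uint32_t *base, size_t n) {
    uint32_t mask = 0;
    for (size_t i = 1; i < n; i++)
        mask |= base[0] ^ base[i];
    return mask;
}

/* Count of varying bit positions: an estimate of the randomized width that
 * grows towards the true value as more restarts are sampled. */
unsigned entropy_bits(uint32_t mask) {
    unsigned bits = 0;
    for (; mask; mask &= mask - 1)
        bits++;
    return bits;
}

/* Number of distinct layouts for a given entropy width (bits < 64). */
uint64_t candidate_layouts(unsigned bits) {
    return (uint64_t)1 << bits;
}

/* Seconds until every layout has been tried once at a given attempt rate:
 * the window in which crash-loop alerting or rate limiting has to react. */
uint64_t seconds_to_exhaust(unsigned bits, uint64_t attempts_per_sec) {
    return attempts_per_sec ? candidate_layouts(bits) / attempts_per_sec : 0;
}

int main(void) {
    uint32_t mask = varying_mask(SAMPLE_LIBC_BASES, SAMPLE_COUNT);
    printf("varying bits: 0x%08x (%u bits)\n", (unsigned)mask, entropy_bits(mask));
    printf("12 bits -> %llu layouts, %llu s at 1 attempt/s\n",
           (unsigned long long)candidate_layouts(12),
           (unsigned long long)seconds_to_exhaust(12, 1));
    return 0;
}
```

At 12 bits and one attempt per second the sweep takes 4096 seconds, a little over an hour, which is the timescale the slide describes.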