
Is there a way to circumvent ASLR without pointer leaks? I mean, I read many exploit development course syllabi and many of them talk about bypassing ASLR without pointer leaks. Can anyone explain to me how it is done?

I read:
How "leaking pointers" to bypass DEP/ASLR works
How do ASLR and DEP work?

  • Do you have references to these courses? Commented Nov 9, 2015 at 2:48
  • @NeilSmithline ptrace-security.com/training/courses/… Commented Nov 9, 2015 at 12:12
  • Thanks for the link. Shame it's not really helpful. Commented Nov 9, 2015 at 15:55

1 Answer


There are ways, but they depend on the context of exploitation. No one size fits all, I'm afraid. Some example techniques for bypassing ASLR:

  • Partial address overwrite
  • Brute force
  • Using non-ASLR libraries
  • Non-PIE binaries
  • Forcing a non-ASLR library to trigger
  • Heap spraying

I'm sure there are more techniques I missed. But life is a lot easier if you can get a memory leak.
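Two items in that list, non-PIE binaries and non-ASLR libraries, come down to a property a defender can audit: an ELF image whose header type is ET_EXEC is loaded at the same fixed address every run, while an ET_DYN image (a PIE executable or a shared library) can be placed at a random base. The following is an added example, not code from the original answer, that classifies ELF images by that header field so fixed-address modules can be found before they become the stable component an exploit relies on. The sample headers are constructed inline (not real binaries), and the module names are made up.

```python
import struct

ELF_MAGIC = b"\x7fELF"
ET_EXEC = 2   # fixed load address: the loader cannot randomize its base
ET_DYN = 3    # position-independent: PIE executable or shared library


def elf_type(data: bytes) -> str:
    """Classify an ELF image by the e_type field of its header.

    Returns "ET_EXEC", "ET_DYN" or "other" (relocatable object, core file,
    unknown type). Raises ValueError if the bytes are not an ELF header.
    """
    if len(data) < 20 or data[:4] != ELF_MAGIC:
        raise ValueError("not an ELF image")
    ei_data = data[5]  # EI_DATA: 1 = little-endian, 2 = big-endian
    if ei_data == 1:
        fmt = "<H"
    elif ei_data == 2:
        fmt = ">H"
    else:
        raise ValueError("unknown ELF data encoding")
    # e_type sits at offset 16 in both ELF32 and ELF64 headers.
    (e_type,) = struct.unpack_from(fmt, data, 16)
    if e_type == ET_EXEC:
        return "ET_EXEC"
    if e_type == ET_DYN:
        return "ET_DYN"
    return "other"


def is_randomizable(data: bytes) -> bool:
    """True if ASLR can move this image; False if it loads at a fixed base."""
    return elf_type(data) == "ET_DYN"


def audit(images: dict) -> list:
    """Return the names of images that would load at a fixed address."""
    return [name for name, blob in images.items() if not is_randomizable(blob)]


def check_file(path: str) -> str:
    """Classify a real ELF file on disk by reading only its header."""
    with open(path, "rb") as fh:
        return elf_type(fh.read(64))


def make_header(e_type: int, little_endian: bool = True) -> bytes:
    """Constructed 64-byte ELF64 header for the samples below (not a real binary)."""
    ident = ELF_MAGIC + bytes([2, 1 if little_endian else 2, 1]) + b"\x00" * 9
    fmt = "<HH" if little_endian else ">HH"
    e_machine = 62 if little_endian else 0x14  # x86-64 or PowerPC, cosmetic here
    return ident + struct.pack(fmt, e_type, e_machine) + b"\x00" * 44


# Constructed sample set: hypothetical module names, not real files.
SAMPLES = {
    "legacy-daemon": make_header(ET_EXEC),
    "pie-service": make_header(ET_DYN),
    "libhelper.so": make_header(ET_DYN),
    "ppc-tool": make_header(ET_EXEC, little_endian=False),
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(f"{name:14s} {elf_type(blob)}")
    print("fixed-address images:", audit(SAMPLES))
```

On a live system, `check_file` can be run over the executables and libraries a process maps; anything reported as ET_EXEC is a module whose code and data addresses are identical on every run, regardless of the kernel's ASLR setting, and is the first candidate to rebuild with `-fPIE -pie` (or as a proper shared object).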
