Concepts

ASLR

Address space layout randomization (ASLR) is a memory-protection mechanism in operating systems (OSes) that guards against buffer-overflow attacks by randomizing the locations at which executables and their dependencies are loaded into memory.

Address space layout randomization (ASLR) is a computer security technique involved in preventing exploitation of memory corruption vulnerabilities. In order to prevent an attacker from reliably jumping to, for example, a particular exploited function in memory, ASLR randomly arranges the address space positions of key data areas of a process, including the base of the executable and the positions of the stack, heap and libraries.

PAPER: http://cybersecurity.upv.es/solutions/aslr-ng/ASLRNG-BH-white-paper.pdf

Other resource: https://ironhackers.es/en/tutoriales/pwn-rop-bypass-nx-aslr-pie-y-canary/

Ret2shell

There are some things we need to know:

  • What shellcode do we want to create? (shellcraft)

  • Where is our input buffer? (Look for leaks in the code)

  • Is NX disabled? (checksec)

  • What is the architecture? (checksec)
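The two checksec questions above (is NX off, what is the architecture) come straight from the ELF header and the PT_GNU_STACK program header. Here is an added example, not code from this page or from checksec, that reads those fields directly; the sample ELF image it builds is constructed for illustration and is not a runnable binary.

```python
import struct
import sys

PT_GNU_STACK = 0x6474E551   # program header that records the stack's permissions
PF_X = 0x1                  # executable flag in p_flags
ET_EXEC, ET_DYN = 2, 3      # fixed-address executable vs. position-independent (PIE)
MACHINES = {0x03: "i386", 0x3E: "x86-64", 0x28: "ARM", 0xB7: "AArch64"}


def inspect_elf(data: bytes) -> dict:
    """Report architecture, PIE and NX status for a raw ELF image (32- or 64-bit)."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    is64 = data[4] == 2                  # EI_CLASS: 1 = 32-bit, 2 = 64-bit
    endian = "<" if data[5] == 1 else ">"  # EI_DATA: 1 = little-endian
    e_type, e_machine = struct.unpack_from(endian + "HH", data, 16)
    if is64:
        (e_phoff,) = struct.unpack_from(endian + "Q", data, 32)
        e_phentsize, e_phnum = struct.unpack_from(endian + "HH", data, 54)
    else:
        (e_phoff,) = struct.unpack_from(endian + "I", data, 28)
        e_phentsize, e_phnum = struct.unpack_from(endian + "HH", data, 42)
    # Same convention as checksec: no PT_GNU_STACK entry is reported as NX disabled.
    stack_exec = True
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        (p_type,) = struct.unpack_from(endian + "I", data, off)
        flags_off = off + 4 if is64 else off + 24   # p_flags sits at a different offset per class
        (p_flags,) = struct.unpack_from(endian + "I", data, flags_off)
        if p_type == PT_GNU_STACK:
            stack_exec = bool(p_flags & PF_X)
    return {"arch": MACHINES.get(e_machine, hex(e_machine)),
            "bits": 64 if is64 else 32,
            "pie": e_type == ET_DYN,
            "nx": not stack_exec}


def make_sample_elf64(e_type: int, stack_flags: int) -> bytes:
    """Constructed minimal x86-64 ELF: a 64-byte header plus one PT_GNU_STACK entry."""
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    ehdr = struct.pack("<16sHHIQQQIHHHHHH", ident, e_type, 0x3E, 1, 0, 64, 0, 0,
                       64, 56, 1, 64, 0, 0)
    phdr = struct.pack("<IIQQQQQQ", PT_GNU_STACK, stack_flags, 0, 0, 0, 0, 0, 0x10)
    return ehdr + phdr


if __name__ == "__main__":
    # Pass a path to inspect a real binary; otherwise inspect the constructed samples.
    if len(sys.argv) > 1:
        print(inspect_elf(open(sys.argv[1], "rb").read()))
    else:
        print(inspect_elf(make_sample_elf64(ET_DYN, 0x6)))   # RW stack: NX enabled, PIE
        print(inspect_elf(make_sample_elf64(ET_EXEC, 0x7)))  # RWE stack: NX disabled
```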
