View RSS Feed

Recent Blogs Posts

  1. ASLR DEP bypassing techniques

    In defeating DEP you atleast need some information that will evade the ASLR.
    There are mainly two ways:

    1. Any anti ASLR modules gets loaded into the target application. I mean you have the base address of any module at fixed location always even after the system restart.

    2. You get a pointer leak from a memory leak/buffer overflow/any zeroday. In this technique you can adjust the offsets to grab the base address of the module whose pointer gets leaked.
    ...