Address Space Layout Randomization

Address Space Layout Randomization (ASLR; in German roughly "random arrangement of the address space layout", in short Speicherverwürfelung or Adressverwürfelung) is a technique that makes it difficult to exploit vulnerabilities in computer systems. With ASLR, address ranges are allocated to programs on a random basis, making the system practically non-deterministic. This is intended to prevent buffer overflow attacks.

ASLR applies to the EBP and libraries as well as the heap, text, data and BSS segments, although the latter are not randomized by all ASLR solutions.
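The following added example (not part of the original article) compares two Linux /proc/<pid>/maps excerpts and reports which regions changed base address between runs. The excerpts are constructed: the binary path /opt/demo/app and all addresses are invented, and they model a non-position-independent executable whose text and data/BSS mappings stay fixed while heap, libraries and stack move.

```python
import os
import subprocess

# Constructed /proc/<pid>/maps excerpts from two runs of a hypothetical
# non-PIE binary /opt/demo/app (all addresses invented for illustration).
RUN_A = """\
00400000-00401000 r-xp 00000000 08:01 1234 /opt/demo/app
00600000-00601000 rw-p 00000000 08:01 1234 /opt/demo/app
01c3a000-01c5b000 rw-p 00000000 00:00 0 [heap]
7f3a1c000000-7f3a1c1b0000 r-xp 00000000 08:01 5678 /lib/x86_64-linux-gnu/libc.so.6
7ffd4a2e1000-7ffd4a302000 rw-p 00000000 00:00 0 [stack]
"""
RUN_B = """\
00400000-00401000 r-xp 00000000 08:01 1234 /opt/demo/app
00600000-00601000 rw-p 00000000 08:01 1234 /opt/demo/app
00e17000-00e38000 rw-p 00000000 00:00 0 [heap]
7f91e4000000-7f91e41b0000 r-xp 00000000 08:01 5678 /lib/x86_64-linux-gnu/libc.so.6
7ffc09b44000-7ffc09b65000 rw-p 00000000 00:00 0 [stack]
"""

def region_bases(maps_text):
    """Map each named region to the lowest start address it is mapped at."""
    bases = {}
    for line in maps_text.splitlines():
        fields = line.split(None, 5)
        if len(fields) < 6:          # anonymous mapping without a name
            continue
        start = int(fields[0].split("-")[0], 16)
        name = fields[5].strip()
        # Pseudo-regions keep their [bracket] name; files use their basename.
        label = name if name.startswith("[") else os.path.basename(name)
        bases[label] = min(start, bases.get(label, start))
    return bases

def randomized(maps_a, maps_b):
    """Return {region: True if its base address differs between the runs}."""
    a, b = region_bases(maps_a), region_bases(maps_b)
    return {name: a[name] != b[name] for name in sorted(a.keys() & b.keys())}

if __name__ == "__main__":
    for name, moved in randomized(RUN_A, RUN_B).items():
        print(f"{name:12} {'randomized' if moved else 'FIXED'}")
    if os.path.exists("/proc/self/maps"):   # live comparison, Linux only
        runs = [subprocess.run(["cat", "/proc/self/maps"], capture_output=True,
                               text=True).stdout for _ in range(2)]
        print("fixed in live runs:", [k for k, v in randomized(*runs).items() if not v])
```

Any region reported as FIXED sits at a predictable address and is not covered by the randomization on that system.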

The ASLR technique was first used in the OpenBSD operating system. Microsoft introduced it with the release of Windows Vista, and Apple introduced it in Mac OS X 10.5. However, the implementations in Vista and Mac OS X 10.5 differ from one another: while ASLR is fully implemented in Vista, only libraries are protected in Mac OS X 10.5. With the introduction of Mac OS X 10.7 Lion, ASLR is implemented completely. The official Linux kernel has provided an (incomplete) ASLR implementation since version 2.6.12, but broader support is available with PaX or Exec Shield. With the update to iOS 4.3, the ASLR technique was applied for the first time in an operating system for mobile devices. The implementation in the mobile web browser Safari was supposed to bring security benefits to users, but initially led to a vulnerability. Just three days after the release of the firmware, the hacker Charlie Miller managed to hack it via the ASLR gateway. Android version 4.0 (Ice Cream Sandwich) also contains an (incomplete) ASLR implementation. As of version 4.1 (Jelly Bean), Android has a complete implementation.

Bypass via Spraying

ASLR can be bypassed by so-called spraying. In this case, the malicious code is duplicated across hundreds of megabytes of memory (large-scale "spraying"). This increases the likelihood that a library call will nevertheless (eventually) execute malicious code.
