Skip to content
/ ASLR-tester Public

Program to test ASLR (Addess Space Layout Randomization) of the Linux Kernel

machinaut.posterous.com
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

machinaut/ASLR-tester

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits

ASLR-test

ASLR-test

 
 

ASLR-test-parsed.dat

ASLR-test-parsed.dat

 
 

ASLR-tester.c

ASLR-tester.c

 
 

ASLR-tester.py

ASLR-tester.py

 
 

README

README

 
 

parser.py

parser.py

 
 

plot.png

plot.png

 
 

plot2.png

plot2.png

 
 

plots.gp

plots.gp

 
 

Repository files navigation

Based on Jon Larimer's Talk at ShmooCon 2011 (in Washington DC):
    USB Autorun attacks against Linux

He used something similar to this to show ASLR weaknesses about halfway
through the talk.  I figured it'd be simple enough to whip one together

I'll be first writing a python tester, then transferring it to C.
Next I'll be doing it in go, but this time massively parallelized (to see how concurrent calls affect it).
The idea is if we guarantee concurrent calls to the library, will it still move in memory (using a dedicated programmed USB device)

I'll probably also put handy plotting scripts in here for gnuplot cause i like gnuplot

Basic overview:
# launch process
# get pid
# /proc/pid/mmap
# tells where addr of each libraries
# look for libc
# log to output

From there we plot the results to see which addresses are more common than
others, and those will be targets for following hacks.

About

Program to test ASLR (Addess Space Layout Randomization) of the Linux Kernel

machinaut.posterous.com

Resources

Readme
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published