Bypassing Windows Vista's Address Space Layout Randomization

Address Space Layout Randomization, in short ASLR, is one of the new features in Microsoft’s new client operating system Windows Vista. ASLR’s goal is to prevent code execution by randomizing the layout of the process’ virtual address space. As a consequence, an attacker can not assume anymore that a certain instruction can be found on an expected memory location, making reliable code execution almost impossible.

The question is how effective is this protection mechanism really? Will it turn all client-side bugs into non exploitable vulnerabilities? In short, the answer is no. While ASLR will certainly raise the bar, making reliable exploitation of the majority of client-side bugs impossible, there are still situations where ASLR can be bypassed.


What you will learn:
- The effectiveness of ASLR
- Some limitations and ways to bypass ASLR


Target audience:

Penetration testers, system administrators, and security engineers.
Basically anyone how wants to know more about Vista's new security feature.


Requirements:

- A solid understanding of exploitation techniques as teached in our module
 "Exploiting Buffer Overflow Vulnerabilities on Windows Systems"


Duration: 30 min

Secure payment processing through

Price: €8.99

You may also be interested in this/these product(s):

Exploiting Buffer Overflow Vulnerabilities on Windows €8.99 Add to Cart

Exploiting Buffer Overflow Vulnerabilities on Mac OS X (PPC) €5.00 Add to Cart

Exploiting Buffer Overflow Vulnerabilities on Mac OS X (Intel) €8.99 Add to Cart