Address Space Layout Randomization (ASLR)
What is Address Space Layout Randomization (ASLR)?
ASLR is an operating-system defense that randomizes where code and data live in a process’s memory (stacks, heaps, libraries, and sometimes the executable) so attacks that rely on fixed addresses are far harder to pull off.
Examples
- A classic buffer-overflow exploit needs the address of system() in a shared library. With ASLR, that library loads at a different base on each run, so the hard-coded address fails.
- An app is rebuilt as a Position Independent Executable (PIE). Now the main binary’s base address also changes, removing a reliable anchor for Return-Oriented Programming (ROP).
Discover 🔎
Exploits often depend on knowing exactly where things sit in memory—functions, gadgets, return addresses, and buffers. ASLR scrambles that map on every process start: the stack begins at a new location, the heap grows from a different base, shared libraries load at random addresses, and—if the binary is compiled as PIE—the executable itself moves too. Without a stable map, hard-coded jumps miss their target and many memory-corruption attacks fail or become unreliable.
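To check which regions actually move, compare the memory maps of two runs of the same program. The script below is an added example, not part of the original page. It assumes the Linux `/proc/<pid>/maps` line format, and the binary path `/opt/demo/app` and all addresses are constructed sample data.

```python
# Constructed /proc/<pid>/maps excerpts (not captured from a real system):
# two runs each of a hypothetical binary /opt/demo/app, built non-PIE and PIE.
NONPIE_RUN_A = """\
00401000-00402000 r-xp 00001000 08:01 131 /opt/demo/app
01c3a000-01c5b000 rw-p 00000000 00:00 0 [heap]
7f3a1c228000-7f3a1c3bd000 r-xp 00028000 08:01 977 /usr/lib/x86_64-linux-gnu/libc.so.6
7ffc5d1e0000-7ffc5d201000 rw-p 00000000 00:00 0 [stack]
"""
NONPIE_RUN_B = """\
00401000-00402000 r-xp 00001000 08:01 131 /opt/demo/app
0092f000-00950000 rw-p 00000000 00:00 0 [heap]
7f81e4a28000-7f81e4bbd000 r-xp 00028000 08:01 977 /usr/lib/x86_64-linux-gnu/libc.so.6
7ffe02b4c000-7ffe02b6d000 rw-p 00000000 00:00 0 [stack]
"""
PIE_RUN_A = """\
55d0a7c41000-55d0a7c42000 r-xp 00001000 08:01 131 /opt/demo/app
55d0a9a10000-55d0a9a31000 rw-p 00000000 00:00 0 [heap]
7f6b0de28000-7f6b0dfbd000 r-xp 00028000 08:01 977 /usr/lib/x86_64-linux-gnu/libc.so.6
7ffd3c9a1000-7ffd3c9c2000 rw-p 00000000 00:00 0 [stack]
"""
PIE_RUN_B = """\
5630f1e9b000-5630f1e9c000 r-xp 00001000 08:01 131 /opt/demo/app
5630f3b52000-5630f3b73000 rw-p 00000000 00:00 0 [heap]
7f12c8428000-7f12c85bd000 r-xp 00028000 08:01 977 /usr/lib/x86_64-linux-gnu/libc.so.6
7fff8a2d6000-7fff8a2f7000 rw-p 00000000 00:00 0 [stack]
"""

def region_bases(maps_text):
    """Return {region name: lowest start address} for one maps snapshot."""
    bases = {}
    for line in maps_text.splitlines():
        fields = line.split(None, 5)
        if len(fields) < 6:  # anonymous mapping with no name: skip
            continue
        start = int(fields[0].split("-")[0], 16)
        name = fields[5].strip()
        bases[name] = min(start, bases.get(name, start))
    return bases

def fixed_regions(run_a, run_b):
    """Names of regions whose base address is identical in both runs."""
    a, b = region_bases(run_a), region_bases(run_b)
    return sorted(n for n in a.keys() & b.keys() if a[n] == b[n])

if __name__ == "__main__":
    print("non-PIE, fixed across runs:", fixed_regions(NONPIE_RUN_A, NONPIE_RUN_B))
    print("PIE, fixed across runs:", fixed_regions(PIE_RUN_A, PIE_RUN_B))
```

Any region reported as fixed is a stable address that ASLR is not covering; in the non-PIE sample that is the main executable, which rebuilding as PIE resolves.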
Summary 📝
ASLR scrambles memory layout so attackers can’t rely on fixed addresses. On 64-bit systems—especially with PIE, DEP/NX, and control-flow protections—it turns many one-shot exploits into unreliable guesses that defenders can detect and stop. It’s not a cure-all: fix memory-safety bugs and remove info leaks to keep ASLR effective.