Address space layout randomization (ASLR) mitigates binary exploitation by randomizing the addresses at which program segments and shared libraries are loaded, which makes it harder to redirect execution to a known address. Enabling ASLR in the OS only randomizes the placement of the stack, heap, and shared libraries by default; the .text section is only randomized if the binary is also compiled with -fPIE (position-independent code).
To check if ASLR is enabled, run cat /proc/sys/kernel/randomize_va_space. The output is one of:
- 0: Disabled
- 1: Only the positions of the stack, vDSO, and shared memory are randomized. The data segment is placed immediately after the executable code segment.
- 2: (Default) Randomize the above and the data segment.
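The two conditions above (kernel setting plus a position-independent binary) can be checked together. The following is an added example, not part of the original note: it reads randomize_va_space and inspects the ELF e_type field of a binary. The function names and the make_header sample input are assumptions made up for illustration.

```python
import struct
import sys

# Meanings of /proc/sys/kernel/randomize_va_space as listed above.
ASLR_MODES = {
    0: "disabled",
    1: "stack, vDSO and shared memory randomized",
    2: "stack, vDSO, shared memory and data segment randomized",
}
# ELF e_type values: ET_EXEC loads at a fixed address; ET_DYN (PIE executables
# and shared objects) can be loaded at a randomized base.
ET_EXEC, ET_DYN = 2, 3

def read_aslr_mode(path="/proc/sys/kernel/randomize_va_space"):
    """Return the kernel ASLR setting as an int, or None if it cannot be read."""
    try:
        with open(path) as f:
            return int(f.read().strip())
    except (OSError, ValueError):
        return None

def elf_type(header):
    """Return e_type from the first 18 bytes of an ELF file."""
    if len(header) < 18 or header[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    if header[5] not in (1, 2):  # EI_DATA: 1 = little endian, 2 = big endian
        raise ValueError("invalid EI_DATA byte")
    endian = "<" if header[5] == 1 else ">"
    return struct.unpack_from(endian + "H", header, 16)[0]

def text_randomized(aslr_mode, header):
    """.text only moves when ASLR is on AND the binary is position independent."""
    return aslr_mode in (1, 2) and elf_type(header) == ET_DYN

def make_header(e_type, little_endian=True):
    """Constructed sample input: the first 18 bytes of an ELF64 header."""
    ident = b"\x7fELF" + bytes([2, 1 if little_endian else 2, 1]) + bytes(9)
    return ident + struct.pack(("<" if little_endian else ">") + "H", e_type)

if __name__ == "__main__":
    mode = read_aslr_mode()
    print("randomize_va_space:", mode, "-", ASLR_MODES.get(mode, "unknown"))
    for path in sys.argv[1:]:
        with open(path, "rb") as f:
            hdr = f.read(18)
        print(path, "-> .text randomized:", text_randomized(mode, hdr))
```

Pass one or more binary paths as arguments to check them against the running kernel's setting.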

- https://security.stackexchange.com/questions/18556/how-do-aslr-and-dep-work