akde/infosec

Information security is ultimately about managing risk


ASLR (Address Space Layout Randomization) is a technique that randomizes addresses in the stack and heap. If the addresses of functions are randomized (e.g. those from shared libraries like libc), an attacker cannot use a predefined exploit with hard-coded addresses.

Linux

Disable ASLR:

echo 0 > /proc/sys/kernel/randomize_va_space

Enable ASLR:

echo 2 > /proc/sys/kernel/randomize_va_space

In GDB, ASLR is deactivated by default. Use aslr on to activate it.
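Added example (not from the original page): a shell script that reports the current randomize_va_space setting and checks whether the stack, heap and libc base addresses differ between two process launches. The helper names and the SAMPLE_* maps snapshots are constructed for illustration.

```shell
# Added example: audit ASLR on Linux. Helper names and SAMPLE_* data are constructed.

# Map a randomize_va_space value to its meaning (kernel sysctl documentation):
# 0 = off; 1 = stack, mmap base (shared libraries) and vDSO; 2 = as 1 plus heap (brk).
aslr_mode() {
    case "$1" in
        0) echo disabled ;; 1) echo partial ;; 2) echo full ;; *) echo unknown ;;
    esac
}

# Read /proc/<pid>/maps text on stdin; print the start address of the first
# mapping whose line contains the fixed string $1 (e.g. "[stack]", "libc").
region_base() {
    awk -v pat="$1" 'index($0, pat) { split($1, r, "-"); print r[1]; exit }'
}

# Compare one region in two snapshots: moved = randomized, static = same base.
compare_region() {  # args: region, snapshot A, snapshot B
    a=$(printf '%s\n' "$2" | region_base "$1")
    b=$(printf '%s\n' "$3" | region_base "$1")
    if [ -z "$a" ] || [ -z "$b" ]; then echo "absent"
    elif [ "$a" = "$b" ]; then echo "static"
    else echo "moved"; fi
}

# Constructed snapshots: two launches with ASLR on, one with ASLR off.
SAMPLE_A='55d0c2f3b000-55d0c2f5c000 rw-p 00000000 00:00 0 [heap]
7f3a1c200000-7f3a1c228000 r--p 00000000 08:01 5678 /usr/lib/x86_64-linux-gnu/libc.so.6
7ffd4e1de000-7ffd4e1ff000 rw-p 00000000 00:00 0 [stack]'
SAMPLE_B='5621a7c9e000-5621a7cbf000 rw-p 00000000 00:00 0 [heap]
7f91e8400000-7f91e8428000 r--p 00000000 08:01 5678 /usr/lib/x86_64-linux-gnu/libc.so.6
7ffc93b0a000-7ffc93b2b000 rw-p 00000000 00:00 0 [stack]'
SAMPLE_FIXED='555555559000-55555557a000 rw-p 00000000 00:00 0 [heap]
7ffff7c00000-7ffff7c28000 r--p 00000000 08:01 5678 /usr/lib/x86_64-linux-gnu/libc.so.6
7ffffffde000-7ffffffff000 rw-p 00000000 00:00 0 [stack]'

# Live check: each cat is a fresh process printing its own mappings.
live_check() {
    f=/proc/sys/kernel/randomize_va_space
    [ -r "$f" ] || { echo "cannot read $f"; return 0; }
    v=$(cat "$f")
    echo "randomize_va_space=$v ($(aslr_mode "$v"))"
    m1=$(cat /proc/self/maps 2>/dev/null) || return 0
    m2=$(cat /proc/self/maps 2>/dev/null) || return 0
    for r in "[stack]" "[heap]" "libc"; do echo "$r: $(compare_region "$r" "$m1" "$m2")"; done
}
live_check
```

Run it after changing the setting: with the value 0 every region reports static, with 2 all three should report moved.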

Windows

On Windows, ASLR loads a library at a random position in memory, but (according to a lecturer at IR March 2025) this position is the same for each executable as long as there is no reboot. That means that if a process analyzes its own memory and detects e.g. a library, it can calculate where it would be in another process.


About

Personal collection of some infosec stuff. Primary purpose of this site is to collect and organize for myself.

Note: Some content is not publicly visible due to copyright issues. Therefore, some links could be broken.
