# ASLR: Address Space Layout Randomization ## What is ASLR? ASLR is a security mechanism that randomizes memory addresses (or layout) of processes. Its goal is to make it difficult to locate a certain variable or code by relocating them on every run (hence letting them have different addresses across runs). However, it makes the debugging challenging. Specifically, when you are working on Pin, you may need to use addresses of instructions and variables to compare their values across runs. With ASLR, the addresses will vary across runs, making it difficult to identify corresponding variables/instructions and their values. ## What is this script? I provide a simple script that can `test`, `on`, and `off` the ASLR. For the security, it is always recommended to turn `on` the ASLR on your host computer. Use this script only in the VM, and after the debugging, please restart the system (the ASLR will be turned on after the system reboots) or turn on the ASLR. ### 1. Download the script ```bash= wget https://yonghwi-kwon.github.io/class/softsec/script/aslr/aslr.sh chmod +x aslr.sh ``` The script has 4 ways to run * `./aslr.sh` and `./aslr.sh test`: test/check the ASLR's current state * `./aslr.sh on`: turn on ASLR * `./aslr.sh off`: turn off ASLR ### 2. Check whether ASLR is turned on or off ```bash= ./aslr.sh ``` or ```bash= ./aslr.sh test ``` * Output Example  ### 3. Turn off ASLR ```bash= ./aslr.sh off ``` * Output Example  ### 4. Turn on ASLR ```bash= ./aslr.sh on ``` * Output Example