Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

EAF+ mitigation blocks read attempts to export and import table addresses originating from modules commonly used to probe memory during the exploitation of memory corruption vulnerabilities. EAF+ is an extension of EAF that can be used independently or in combination with EAF itself.

Mandatory Address Space Layout Randomization (MandatoryASLR)

...

 

MandatoryASLR randomizes the location where modules are loaded in memory, limiting the ability of an attacker attackers to point to predetermined memory addresses. Modules are forced to load at randomized addresses for a target process regardless of the flags it was compiled with so that exploits using ROP and relying on predictable mappings will fail. 

 


Bottom-Up Address Space Layout Randomization (BottomUpASLR) - Improves the Mandatory ASLR mitigation by randomizing the base address of bottom-up allocations.

...