According to some papers 64-bit ASLR (Address Space Layout Randomization) is a strong protection against brute force attacks. E.g. asserts that “Since every bit doubles the number of possible stack layouts, most of the working brute force exploits for a x86 architecture will not succeed on a x64 machine.”, and state that “We speculate that the most promising solution [for brute force attacks] appears to be upgrading to a 64-bit architecture.”.
This paper evaluates brute force attacks against 64-bit ASLR by actually attempting it. It demonstrates an implementation of a brute force low-level attack against Linux’s standard ASLR implementation as of 2012. It presents expected results and then actual results; finally it gives a conclusion. It is assumed the reader is already familiar with simple low-level exploitation techniques as the concept itself is not covered in this paper.
The paper concludes that ASLR alone, as implemented in the standard Linux kernel versions discussed cannot withstand brute force attacks.
This paper evaluates brute force attacks against 64-bit ASLR by actually attempting it. It demonstrates an implementation of a brute force low-level attack against Linux’s standard ASLR implementation as of 2012. It presents expected results and then actual results; finally it gives a conclusion. It is assumed the reader is already familiar with simple low-level exploitation techniques as the concept itself is not covered in this paper.
The paper concludes that ASLR alone, as implemented in the standard Linux kernel versions discussed cannot withstand brute force attacks.