Reverse Engineering

Reverse engineering is the process of analyzing a product, system, or piece of software in order to understand how it works.

Disable ASLR


Disable ASLR on the whole system (Linux):

# Turn OFF
echo 0 | sudo tee /proc/sys/kernel/randomize_va_space
# Turn ON
echo 2 | sudo tee /proc/sys/kernel/randomize_va_space


On Windows PE binaries, the per-binary setting is stored as the IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE flag (0x40) in the DllCharacteristics field of the optional header.

Disable ASLR on a binary (2 options):

  1. Open the binary with PEStudio, go to optional-header and set address-space-layout-randomization (ASLR) to false.
  2. Open the binary with CFFExplorer, go to Optional Header, click on DllCharacteristics and uncheck DLL can move.
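
Both tools edit the same 16-bit field. The following is an added example, not code from the original page: it locates DllCharacteristics in a PE header, reports whether DYNAMIC_BASE is set, and returns a copy with only that bit changed. The function names are hypothetical and the sample header is constructed inline.

```python
import struct

DYNAMIC_BASE = 0x0040  # IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE


def dll_characteristics_offset(data: bytes) -> int:
    """Return the file offset of the 16-bit DllCharacteristics field."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    opt = e_lfanew + 4 + 20  # skip PE signature and COFF file header
    if len(data) < opt + 72 or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing or truncated PE header")
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic not in (0x10B, 0x20B):  # PE32, PE32+
        raise ValueError(f"unknown optional header magic {magic:#x}")
    return opt + 70  # same field offset in PE32 and PE32+


def aslr_enabled(data: bytes) -> bool:
    (flags,) = struct.unpack_from("<H", data, dll_characteristics_offset(data))
    return bool(flags & DYNAMIC_BASE)


def set_aslr(data: bytes, enabled: bool) -> bytes:
    """Return a copy with only the DYNAMIC_BASE bit changed."""
    off = dll_characteristics_offset(data)
    (flags,) = struct.unpack_from("<H", data, off)
    flags = flags | DYNAMIC_BASE if enabled else flags & ~DYNAMIC_BASE
    out = bytearray(data)
    struct.pack_into("<H", out, off, flags & 0xFFFF)
    return bytes(out)


def make_sample_pe(flags: int, magic: int = 0x20B) -> bytes:
    """Constructed header-only sample for the demo (not a loadable image)."""
    buf = bytearray(0x80 + 4 + 20 + 72)
    buf[:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, 0x80)  # e_lfanew
    buf[0x80:0x84] = b"PE\0\0"
    struct.pack_into("<H", buf, 0x80 + 24, magic)
    struct.pack_into("<H", buf, 0x80 + 24 + 70, flags)
    return bytes(buf)


if __name__ == "__main__":
    sample = make_sample_pe(0x8160)  # constructed flags with DYNAMIC_BASE set
    print(aslr_enabled(sample), aslr_enabled(set_aslr(sample, False)))
```

Changing the flag alters the file's bytes, so an Authenticode signature on the binary will no longer validate.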