On 32-bit machines, you can disable mmap randomization (and thus library randomization) using ulimit -s unlimited. Also, there's another useful place you can return to that isn't in libc.
It doesn't stop the exploit, as it is still possible to use ptrace to essentially dump the binary, even though it's not readable.
On 32-bit machines, you can disable mmap randomization (and thus library randomization) using ulimit -s unlimited. Also, there's another useful place you can return to that isn't in libc.
It doesn't stop the exploit, as it is still possible to use ptrace to essentially dump the binary, even though it's not readable.