function address still changed with ASLR disabled and canary not set during compiling

Reverse Engineering Asked by Redshrimp on September 22, 2020

Background: It is an x64 Linux executable, and I am trying to jump to the function sym.redirect_call @ 0x00401184, with a 120-byte NOP sled plus 8 bytes for the new address. However, every time I insert the payload, the last 8 bytes change, which makes the jump unavailable. I wonder why this is happening? I've disabled ASLR on my machine, and the canary flag is not set during compiling. For more details, please check the picture that I attached. Any help will be appreciated!
