|
|
|
|
|
|
by Sirened
1287 days ago
|
|
|
So just ROP to the syscall you want in libc. Instead of targeting the syscall instruction, directly call mmap. System call randomization is a feature designed to discourage legitimate software from hardcoding syscall numbers. It is not meant as an exploit mitigation. |
|
|