Download-Fritz

KASLR in no-caches boot?


Hey guys,

 

Does someone happen to know if boot.efi uses KASLR even in no-cache mode (-f), for the versions of OS X that even support it? I don't have the setup to test (only El Capitan, which no longer supports -f), so would be cool if somebody knew. :)

 

Regards,

DF.


I threw a Mountain Lion boot.efi into IDA and it seems like KASLR is used with no-cache boot.

It's used when:

 

1) prelinkedkernel header (if booting with caches) has a prelinkVersion >=1 AND the kernel's mach_header's flags has MH_PIE set.

2) You are not booting in safe mode.

3) It has not been disabled via the according hotkey.

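The three conditions listed in the reply above, as an added Python example that is not part of the original posts and is not boot.efi's code. It reads the `flags` field of a thin Mach-O header and tests `MH_PIE`; the function names, the `prelink_version=None` convention for a no-cache (-f) boot, and the sample headers are assumptions made for illustration.

```python
import struct

# Constants from <mach-o/loader.h>
MH_MAGIC, MH_MAGIC_64 = 0xFEEDFACE, 0xFEEDFACF
MH_EXECUTE = 0x2
MH_PIE = 0x200000


def macho_flags(image: bytes) -> int:
    """Return the flags field of a thin 32- or 64-bit Mach-O header."""
    if len(image) < 28:
        raise ValueError("too short for a mach_header")
    for endian in ("<", ">"):  # header may be stored in either byte order
        magic = struct.unpack_from(endian + "I", image, 0)[0]
        if magic in (MH_MAGIC, MH_MAGIC_64):
            # magic, cputype, cpusubtype, filetype, ncmds, sizeofcmds, flags
            return struct.unpack_from(endian + "7I", image, 0)[6]
    raise ValueError("not a thin Mach-O image (fat or unknown magic)")


def kaslr_expected(kernel: bytes, prelink_version=None,
                   safe_mode=False, hotkey_disabled=False) -> bool:
    """Model of the conditions described in the post (hypothetical helper).

    prelink_version=None stands for a no-cache boot, where there is no
    prelinkedkernel header to check and only MH_PIE decides condition 1.
    """
    if safe_mode or hotkey_disabled:          # conditions 2 and 3
        return False
    if prelink_version is not None and prelink_version < 1:
        return False                          # condition 1, cache part
    return bool(macho_flags(kernel) & MH_PIE)  # condition 1, kernel part


def sample_header(flags: int) -> bytes:
    """Constructed 64-bit little-endian mach_header (x86_64, MH_EXECUTE)."""
    return struct.pack("<8I", MH_MAGIC_64, 0x01000007, 3,
                       MH_EXECUTE, 0, 0, flags, 0)


if __name__ == "__main__":
    pie = sample_header(MH_PIE | 0x1)
    print("no-cache boot, PIE kernel:", kaslr_expected(pie))
    print("cached boot, prelinkVersion 0:", kaslr_expected(pie, prelink_version=0))
    print("safe mode:", kaslr_expected(pie, safe_mode=True))
```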