An alternative method in format string exploitation – a paper discussing a method of making format string exploits static again on 2.6 with random VA.
You can download it from the following link: https://packetstormsecurity.com/files/download/51206/fmat.txt
Source: https://packetstormsecurity.com/files/51206/fmat.txt.html