Defeating ASLR is not an easy job, but it can be done often with some creativity. Usually there are two ways to do it: finding some weakness in the randomizer and attack it by brute force or some partial leak / partial overwrite, ...