Author Topic: Introduction to return oriented programming (ROP)  (Read 2188 times)

kenjoe41

Introduction to return oriented programming (ROP)
« on: May 30, 2013, 10:18:34 PM »

What is ROP?

Return Oriented Programming (ROP) is a powerful technique used to counter common exploit prevention strategies. In particular, ROP is useful for circumventing Address Space Layout Randomization (ASLR) and DEP. When using ROP, an attacker uses his/her control over the stack right before the return from a function to direct code execution to some other location in the program. Except on very hardened binaries, attackers can easily find a portion of code that is located in a fixed location (circumventing ASLR) and which is executable (circumventing DEP). Furthermore, it is relatively straightforward to chain several payloads to achieve (almost) arbitrary code execution.

Read more:
« Last Edit: May 30, 2013, 10:20:53 PM by kenjoe41 »
If you can't explain it to a 6 year old, you don't understand it yourself.
