EvilZone

Introduction to return oriented programming (ROP)
kenjoe41, May 30, 2013, 10:18:34 PM

What is ROP?

Return Oriented Programming (ROP) is a powerful technique used to counter common exploit prevention strategies. In particular, ROP is useful for circumventing Address Space Layout Randomization (ASLR) and DEP. When using ROP, an attacker uses his/her control over the stack right before the return from a function to direct code execution to some other location in the program. Except on very hardened binaries, attackers can easily find a portion of code that is located in a fixed location (circumventing ASLR) and which is executable (circumventing DEP). Furthermore, it is relatively straightforward to chain several payloads to achieve (almost) arbitrary code execution.

Read more: http://codearcana.com/posts/2013/05/28/introduction-to-return-oriented-programming-rop.html