{"title":"A-R漏洞:基于长序列的自动ROP漏洞","authors":"Chao Yang, Tao Zheng, Zhitian Lin","doi":"10.1109/SERE-C.2014.22","DOIUrl":null,"url":null,"abstract":"More attention has been paid to program security since ROP had been proposed. An ROP defence scheme based on detecting frequent set sequences was designed in 2009 and it was proved an useful way to defend most ROP attacks. However, this scheme was bypassed by Lgadget, which makes use of long ret sequences and was proposed by J Cao in 2013. Based on J Cao's work, this paper improves the Lgadgets and designs a frame work automatically distributing gadgets addresses into the stack to trigger an ROP exploit. Our work includes turing-complete gadgets gathering, definition and compilation of upper level language, and automated linking and chaining of the gadgets in the stack. We demonstrate the viability and effectiveness of this kind of automatic exploit.","PeriodicalId":373062,"journal":{"name":"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion","volume":"5 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A-R Exploit: An Automatic ROP Exploit Based on Long Sequence\",\"authors\":\"Chao Yang, Tao Zheng, Zhitian Lin\",\"doi\":\"10.1109/SERE-C.2014.22\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"More attention has been paid to program security since ROP had been proposed. An ROP defence scheme based on detecting frequent set sequences was designed in 2009 and it was proved an useful way to defend most ROP attacks. However, this scheme was bypassed by Lgadget, which makes use of long ret sequences and was proposed by J Cao in 2013. Based on J Cao's work, this paper improves the Lgadgets and designs a frame work automatically distributing gadgets addresses into the stack to trigger an ROP exploit. Our work includes turing-complete gadgets gathering, definition and compilation of upper level language, and automated linking and chaining of the gadgets in the stack. We demonstrate the viability and effectiveness of this kind of automatic exploit.\",\"PeriodicalId\":373062,\"journal\":{\"name\":\"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion\",\"volume\":\"5 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-06-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SERE-C.2014.22\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SERE-C.2014.22","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A-R Exploit: An Automatic ROP Exploit Based on Long Sequence
More attention has been paid to program security since ROP had been proposed. An ROP defence scheme based on detecting frequent set sequences was designed in 2009 and it was proved an useful way to defend most ROP attacks. However, this scheme was bypassed by Lgadget, which makes use of long ret sequences and was proposed by J Cao in 2013. Based on J Cao's work, this paper improves the Lgadgets and designs a frame work automatically distributing gadgets addresses into the stack to trigger an ROP exploit. Our work includes turing-complete gadgets gathering, definition and compilation of upper level language, and automated linking and chaining of the gadgets in the stack. We demonstrate the viability and effectiveness of this kind of automatic exploit.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
