A practical analysis of ROP attacks

by   Ayush Bansal, et al.

Control Flow Hijacking attacks have posed a serious threat to the security of applications for a long time where an attacker can damage the control Flow Integrity of the program and execute arbitrary code. These attacks can be performed by injecting code in the program's memory or reusing already existing code in the program (also known as Code-Reuse Attacks). Code-Reuse Attacks in the form of Return-into-libc Attacks or Return-Oriented Programming Attacks are said to be Turing Complete, providing a guarantee that there will always exist code segments (also called ROP gadgets) within a binary allowing an attacker to perform any kind of function by building a suitable ROP chain (chain of ROP gadgets). Our goal is to study different techniques of performing ROP Attacks and find the difficulties encountered to perform such attacks. For this purpose, we have designed an automated tool which works on 64-bit systems and generates a ROP chain from ROP gadgets to execute arbitrary system calls.


page 1

page 2

page 3

page 4


LoadLord: Loading on the Fly to Defend Against Code-Reuse Attacks

Code-reuse attacks have become a kind of common attack method, in which ...

Block Oriented Programming: Automating Data-Only Attacks

With the wide deployment of Control-Flow Integrity (CFI), control-flow h...

The never ending war in the stack and the reincarnation of ROP attacks

Return Oriented Programming (ROP) is a technique by which an attacker ca...

Steroids for DOPed Applications: A Compiler for Automated Data-Oriented Programming

The wide-spread adoption of system defenses such as the randomization of...

SafeLLVM: LLVM Without The ROP Gadgets!

Memory safety is a cornerstone of secure and robust software systems, as...

Hiding in the Particles: When Return-Oriented Programming Meets Program Obfuscation

Largely known for attack scenarios, code reuse techniques at a closer lo...

MAJORCA: Multi-Architecture JOP and ROP Chain Assembler

Nowadays, exploits often rely on a code-reuse approach. Short pieces of ...

Please sign up or login with your details

Forgot password? Click here to reset