Leveraging ROP to redirect the execution flow of flawed binaries

To prevent or mitigate the exploitation of stack-based buffer overflow vulnerabilities in executable binary files, several security defenses have been proposed in the last few decades. Some of these have been deployed, mostly on the operating system or compiler side. Return-oriented programming (ROP) is a technique that allows an attacker to execute arbitrary code even in the presence of some of these security defenses. In this technical report, we illustrate a possible way of setting up a local lab for reversing ELF executables, along with a case study showing how to redirect the execution flow of a sample flawed executable binary by leveraging the ROP technique.


IIT authors:

Andrea Oliveri

Type: Technical Report
Field of reference: Computer Science & Engineering
IIT TR-01/2018

File: IIT-01-2018.pdf

Activity: Telematic network of the CNR in Pisa