Leveraging ROP to redirect the execution flow of flawed binaries

To prevent or mitigate the exploitation of stack-based buffer overflow vulnerabilities in executable binary files, several security defenses have been proposed in the last few decades. Some of these have been deployed, mostly on the operating system or compiler side. Return-oriented programming (ROP) is a technique that allows an attacker to execute arbitrary code even in the presence of some of these security defenses. In this technical report, we illustrate a possible way of setting up a local lab for reversing ELF executables, along with a case study showing how to redirect the execution flow of a sample flawed executable binary by leveraging the ROP technique.


IIT authors:

Andrea Oliveri

Type: Technical Report
Discipline area: Computer Science & Engineering
IIT TR-01/2018

File: IIT-01-2018.pdf

Activity: CNR Pisa telematic network