SeBROP: blind ROP attacks without returns
作者:Tianning Zhang, Miao Cai, Diming Zhang, Hao Huang
摘要
Currently, security-critical server programs are well protected by various defense techniques, such as Address Space Layout Randomization(ASLR), eXecute Only Memory(XOM), and Data Execution Prevention(DEP), against modern code-reuse attacks like Return-oriented Programming(ROP) attacks. Moreover, in these victim programs, most syscall instructions lack the following ret instructions, which prevents attacks to stitch multiple system calls to implement advanced behaviors like launching a remote shell. Lacking this kind of gadget greatly constrains the capability of code-reuse attacks.
论文关键词:code-reuse attack, ROP, signal
论文评审过程:
论文官网地址:https://doi.org/10.1007/s11704-021-0342-8