Open AccessReturn Oriented Programming - Exploit Implementation using Pwntools
Author(s) -
Jayesh Zala
Publication year - 2020
Publication title -
international journal of scientific research in computer science, engineering and information technology
Language(s) - English
Resource type - Journals
ISSN - 2456-3307
DOI - 10.32628/cseit206545
Subject(s) - exploit , computer science , code reuse , python (programming language) , operating system , programming language , software , buffer overflow , reuse , taint checking , source code , computer security , engineering , waste management
A common approach to leverage software vulnerabilities in the contemporary operating system has been the Return-Oriented Programming(ROP) attack. Although protection mechanisms are involved in the OS, an attacker may execute arbitrary code with the support of ROP. A decade ago, Return Oriented programming was designed to solve the buffer overflow exploit security mechanisms such as ASLR, DEP (or W?X) by reusing the machine code in the form of gadgets that are stitched together to render a full assault on Turing. And it will take more complex efforts to conduct a Turing complete attack, and very little data is possible to perform it with raw input. Therefore, in this project, we are systematizing the interpretation of the new findings that can be used to carry out a full ROP attack with the help of pwntools python library.