Leveraging ROP to redirect the execution flow of flawed binaries
F. M. Lauria; A. Oliveri
2018
Abstract
In order to prevent and/or mitigate the exploitation of stack-based buffer overflow vulnerabilities in executable binary files, several security defenses have been proposed in the last few decades. Some of these have been deployed, mostly on the operating system or compiler side. A technique that allows an attacker to execute arbitrary code, even in the presence of some of these security defenses, is return-oriented programming (ROP). In this technical report, we illustrate a possible way of setting up a local lab for reversing ELF executables, along with a case study showing how to redirect the execution flow of a sample flawed executable binary by leveraging the ROP technique.