Journal of South China University of Technology(Natural Science) >

2019 , Vol. 47 >Issue 6: 31 - 38

DOI: https://doi.org/10.12141/j.issn.1000-565X.180255

Computer Science & Technology

Automatic Generation of Multi-modules ROP Based on Static Instructions Assignment

Expand
  • School of Electronic Warfare,National University of Defense Technology,Hefei 230037,Anhui,China 
黄宁(1990-),男,博士生,主要从事软件漏洞分析研究.

Received date: 2017-12-20

  Revised date: 2019-01-20

  Online published: 2019-05-05

Supported by

Supported by the National Key Research and Development Program“Cyberspace Security”(2017YFB0802905) 

Fold

Abstract

Return Oriented Programming (ROP) is a kind of technology to bypass the Data Execution Prevention (DEP). Existing technologies for automatic ROP generation can not optimize the progress of instructions assign- ment for modules switching in multi-modules ROP payload,leading to the problem of large amounts of memory space are occupied. In order to solve this problem,a new static instructions assignment rule SIA for ROP modules switching was designed based on the automatic ROP generation system Q. SIA constructs intermediate sequence of instructions by static instructions assignment,and finds the address and modifies the pointers by dynamic data fill- ing. Experimental results show that,compared with the existing technologies,the multi-modules ROP payload gen- erated by SIA needs less memory space so that improve the practicability of ROP.

Key words: return oriented programming; data execution prevention; static instructions assignment; multi-mod- ules ROP

Cite this article

HUANG Ning HUANG Shuguang HUANG Hui DENG Zhaokun . Automatic Generation of Multi-modules ROP Based on Static Instructions Assignment[J]. Journal of South China University of Technology(Natural Science), 2019 , 47(6) : 31 -38 . DOI: 10.12141/j.issn.1000-565X.180255

References

 
Options
Outlines

/