Automatic construction of jump-oriented programming shellcode (on the x86)

Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ... Pub Date : 2011-03-22 DOI:10.1145/1966913.1966918

Ping Chen, Xiao Xing, Bing Mao, Li Xie, Xiaobin Shen, Xinchun Yin

{"title":"Automatic construction of jump-oriented programming shellcode (on the x86)","authors":"Ping Chen, Xiao Xing, Bing Mao, Li Xie, Xiaobin Shen, Xinchun Yin","doi":"10.1145/1966913.1966918","DOIUrl":null,"url":null,"abstract":"Return-Oriented Programming (ROP) is a technique which leverages the instruction gadgets in existing libraries/executables to construct Turing complete programs. However, ROP attack is usually composed with gadgets which are ending in ret instruction without the corresponding call instruction. Based on this fact, several defense mechanisms have been proposed to detect the ROP malicious code. To circumvent these defenses, Return-Oriented Programming without returns has been proposed recently, which uses the gadgets ending in jmp instruction but with much diversity. In this paper, we propose an improved ROP techniques to construct the ROP shellcode without returns. Meanwhile we implement a tool to automatically construct the real-world Return-Oriented Programming without returns shellcode, which as demonstrated in our experiment can bypass most of the existing ROP defenses.","PeriodicalId":72308,"journal":{"name":"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2011-03-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"39","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1966913.1966918","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 39

Abstract

Return-Oriented Programming (ROP) is a technique which leverages the instruction gadgets in existing libraries/executables to construct Turing complete programs. However, ROP attack is usually composed with gadgets which are ending in ret instruction without the corresponding call instruction. Based on this fact, several defense mechanisms have been proposed to detect the ROP malicious code. To circumvent these defenses, Return-Oriented Programming without returns has been proposed recently, which uses the gadgets ending in jmp instruction but with much diversity. In this paper, we propose an improved ROP techniques to construct the ROP shellcode without returns. Meanwhile we implement a tool to automatically construct the real-world Return-Oriented Programming without returns shellcode, which as demonstrated in our experiment can bypass most of the existing ROP defenses.

查看原文本刊更多论文

自动构造面向跳转的编程shellcode(在x86上)

面向返回编程(Return-Oriented Programming, ROP)是一种利用现有库/可执行文件中的指令工具来构造图灵完全程序的技术。然而，ROP攻击通常由小工具组成，这些小工具以ret指令结束，而没有相应的调用指令。基于这一事实，提出了几种检测ROP恶意代码的防御机制。为了规避这些防御，最近提出了无返回的面向返回编程，它使用以jmp指令结尾的gadget，但具有很大的多样性。在本文中，我们提出了一种改进的ROP技术来构造无返回的ROP shell代码。同时，我们实现了一个工具来自动构建真实世界的面向返回的编程，而不需要返回shellcode，正如我们在实验中所展示的那样，它可以绕过大多数现有的ROP防御。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...

自引率

0.00%

发文量