Despite numerous attempts to mitigate code-reuse attacks, Return-Oriented Programming (ROP) is still at the core of exploiting memory corruption vulnerabilities. Most notably, in JIT-ROP, an attacker dynamically searches for suitable gadgets in executable code pages, even if they have been randomized. JIT-ROP seemingly requires that (i) code is readable (to find gadgets at run time) and (ii) executable (to mount the overall attack). As a response, Execute-no-Read (XnR) schemes have been proposed to revoke the read privilege of code, such that an adversary can no longer inspect the code after fine-grained code randomizations have been applied. We revisit these "inherent" requirements for mounting JIT-ROP attacks. We show that JIT-ROP at...
Adversaries exploit software vulnerabilities in modern software to compromise computer systems. Whil...
The wide adoption of non-executable page protections in recent versions of popular operating systems...
Address-space layout randomization is a well-established defense against code-reuse attacks. However,...
Abstract Despite numerous attempts to mitigate code-reuse attacks, Return-Oriented Programming (ROP)...
Abstract—Return-oriented programming (ROP) has become the dominant form of vulnerability exploitatio...
Detecting and preventing exploitation of memory corruption vulnerabilities is highly challenging. Un...
Code-reuse attacks such as return-oriented programming (ROP) pose a severe threat to modern software...
Code reuse attacks allow an adversary to impose malicious behavior on an otherwise benign program. T...
Return-oriented programming (ROP) has become the primary exploitation technique for system compromis...
Return-oriented programming (ROP) offers a robust attack technique that has, not surprisingly, been ...
Exploit development is an arms race between attackers and defenders. In this thesis, I will introduce...
Web browsers are one of the most important end-user applications to browse, retrieve, and present Int...
Prior work has shown that return oriented programming (ROP) can be used to bypass W⊕X, a software de...
Memory-corruption vulnerabilities pose a serious threat to modern computer security. Attackers explo...
Return-oriented programming (ROP) has become the primary exploitation technique for system compromis...