The downside of current polymorphism techniques lies to the fact that they require a writeable code section, either marked as such in the corresponding Portable Executable (PE) section header, or by changing permissions during runtime. Both approaches are identified by AV software as alarming characteristics and/or behavior, since they are rarely found in benign PEs unless they are packed. In this paper we propose the use of Return-Oriented Programming (ROP) as a new way to achieve polymorphism and evade AV software. To this end, we have developed a tool named ROPInjector which, given any piece of shellcode and any non-packed Portable Executable (PE) file, it transforms the shellcode to its ROP equivalent and patches it into (i.e. infects) ...
Abstract—The wide adoption of non-executable page protec-tions in recent versions of popular operati...
Abstract Return-oriented programming (ROP) has become the primary exploitation technique for system ...
Software obfuscation plays a crucial role in protecting intellectual property in software from rever...
The downside of current polymorphism techniques lies to the fact that they require a writeable code ...
Return-oriented programming (ROP) has become the primary exploitation technique for system compromis...
Return-oriented programming (ROP) is an attack that has been shown to be able to circumvent W+X prot...
Return Oriented Programming (ROP) is the de-facto technique used to exploit most of today’s native-c...
Prior work has shown that return oriented programming (ROP) can be used to bypass W⊕X, a software de...
Abstract. Return-oriented programming (ROP) is an attack that has been shown to be able to circumven...
In recent years, researchers have come up with proof of concepts of seemingly benign applications su...
With the increased popularity of embedded devices, low-level programming languages like C and C++ ar...
Return-oriented programming (ROP) is a technique that enables an adversary to construct malicious pr...
Return-Oriented Programming (ROP) is a sophisticated exploitation technique that is able to drive ta...
Return-Oriented Programming (ROP) is a technique that enables an adversary to construct malicious pr...
Return-oriented programming (ROP) offers a robust attack technique that has, not surprisingly, been ...
Abstract—The wide adoption of non-executable page protec-tions in recent versions of popular operati...
Abstract Return-oriented programming (ROP) has become the primary exploitation technique for system ...
Software obfuscation plays a crucial role in protecting intellectual property in software from rever...
The downside of current polymorphism techniques lies to the fact that they require a writeable code ...
Return-oriented programming (ROP) has become the primary exploitation technique for system compromis...
Return-oriented programming (ROP) is an attack that has been shown to be able to circumvent W+X prot...
Return Oriented Programming (ROP) is the de-facto technique used to exploit most of today’s native-c...
Prior work has shown that return oriented programming (ROP) can be used to bypass W⊕X, a software de...
Abstract. Return-oriented programming (ROP) is an attack that has been shown to be able to circumven...
In recent years, researchers have come up with proof of concepts of seemingly benign applications su...
With the increased popularity of embedded devices, low-level programming languages like C and C++ ar...
Return-oriented programming (ROP) is a technique that enables an adversary to construct malicious pr...
Return-Oriented Programming (ROP) is a sophisticated exploitation technique that is able to drive ta...
Return-Oriented Programming (ROP) is a technique that enables an adversary to construct malicious pr...
Return-oriented programming (ROP) offers a robust attack technique that has, not surprisingly, been ...
Abstract—The wide adoption of non-executable page protec-tions in recent versions of popular operati...
Abstract Return-oriented programming (ROP) has become the primary exploitation technique for system ...
Software obfuscation plays a crucial role in protecting intellectual property in software from rever...