Return Oriented Programming - Exploit Implementation using Pwntools

Authors

  • Jayesh Zala  Computer Engineering Department, A. D. Patel Institute of Technology, Karamsad, Gujarat, India

DOI:

https://doi.org/10.32628/CSEIT206545

Keywords:

Return-Oriented Programming, ASLR, DEP, Stack Cracking Attack, CDECL, STDCALL, FASTCALL.

Abstract

A common approach to leverage software vulnerabilities in the contemporary operating system has been the Return-Oriented Programming(ROP) attack. Although protection mechanisms are involved in the OS, an attacker may execute arbitrary code with the support of ROP. A decade ago, Return Oriented programming was designed to solve the buffer overflow exploit security mechanisms such as ASLR, DEP (or W?X) by reusing the machine code in the form of gadgets that are stitched together to render a full assault on Turing. And it will take more complex efforts to conduct a Turing complete attack, and very little data is possible to perform it with raw input. Therefore, in this project, we are systematizing the interpretation of the new findings that can be used to carry out a full ROP attack with the help of pwntools python library.

References

  • “Smashing The Stack For Fun And Profit” by Aleph One
  • x86 calling conventions https://blog.csdn.net/Scotthuang1989/article/details/42969393
  • Calling conventions https://www.tfzx.net/article/6972315.html
  • “Penetration Testing with Shellcode” by Hamza Megahed.
  • “The advanced return-into-lib(c) exploits” by Ihsahn, "Alsvartr"
  • ROP Emporium https://ropemporium.com/
  • “Programming in ANSI C” by E. Balaguruswamy
  • pwntools documentation http://docs.pwntools.com/en/stable/
  • “Beginning Ethical Hacking with Python” by Sanjib Sinha
  • “Hacking: The Art of Exploitation” by Jon Erickson
  • “Practical Reverse Engineering: X86, X64, ARM, Windows Kernel, Reversing Tools, and Obfuscation” by Alexandre Gazet, Bruce Dang, and Elias Bachaalany
  • “The Shellcoder's Handbook: Discovering and Exploiting Security Holes” by Chris Anley, Felix Lindner, and John Heasman
  • “When to use __fastcall” by Kent Reisdorph http://bcbjournal.org/articles/vol4/0004/When_to_use___fastcall.htm
  • GDB-PEDA https://github.com/longld/peda
  • “Beginning X64 Assembly Programming: From Novice to AVX Professional” by Jo Van Hoey

Downloads

Published

2020-10-30

Issue

Section

Research Articles

How to Cite

[1]
Jayesh Zala, " Return Oriented Programming - Exploit Implementation using Pwntools" International Journal of Scientific Research in Computer Science, Engineering and Information Technology(IJSRCSEIT), ISSN : 2456-3307, Volume 6, Issue 5, pp.194-198, September-October-2020. Available at doi : https://doi.org/10.32628/CSEIT206545