Jump to content
Nytro

Deep Dive into ROP Payload Analysis

By Nytro, in Reverse engineering & exploit development

Recommended Posts

Nytro Mentor

Nytro

Posted
Posted

Deep Dive into ROP Payload Analysis

Author: Sudeep Singh

Purpose

The purpose of this paper is to introduce the reader to techniques, which can be

used to analyze ROP Payloads, which are used in exploits in the wild. At the same

time, we take an in depth look at one of the ROP mitigation techniques such as stack

pivot detection which is used in security softwares at present.

By taking an example of 2 exploits found in the wild (CVE-2010-2883 and CVE-2014-

0569), a comparison between the ROP payloads is done in terms of their complexity

and their capability of bypassing the stack pivot detection.

A detailed analysis of the ROP payloads helps us understand this exploitation

technique better and develop more efficient detection mechanisms.

This paper is targeted towards Exploit Analysts and also those who are interested in

Return Oriented Programming.

Download: http://www.exploit-db.com/wp-content/themes/exploit/docs/35355.pdf

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...