Exploit Methods/Reused code chunks
Details
This is more generally known as Return Oriented Programming (ROP) or Jump Oriented Programming (JOP), but it ultimately boils down to using the kernel's own executable memory to build a chain of gadgets that performs the attacker's exploit.
Examples
Mitigations
- Compiler instrumentation for Control Flow Integrity (CFI)
- Return Address Protection, Indirect Control Transfer Protection (e.g. RAP)
- Constant blinding (to defeat JIT sprays)
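To illustrate the constant blinding item above, here is an added example (not from this page and not kernel code) of a toy x86-64 JIT emitter that loads a program-supplied 32-bit constant with and without blinding, then checks whether that constant's bytes end up in the emitted code. The function names, the constant and the key are constructed for the example; a real JIT would draw a fresh random key for each constant.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

uint8_t code[16]; /* stand-in for a JIT output buffer */

static void put_le32(uint8_t *p, uint32_t v) {
    for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i));
}
static uint32_t get_le32(const uint8_t *p) {
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Unblinded: "mov eax, imm32" (B8 id). The program-supplied constant is
 * copied verbatim into executable memory. */
size_t jit_load_plain(uint8_t *out, uint32_t imm) {
    out[0] = 0xB8; put_le32(out + 1, imm);
    return 5;
}

/* Blinded: "mov eax, imm^key; xor eax, key" (B8 id; 35 id). eax still ends
 * up holding imm, but imm itself is not written into the emitted bytes. */
size_t jit_load_blinded(uint8_t *out, uint32_t imm, uint32_t key) {
    out[0] = 0xB8; put_le32(out + 1, imm ^ key);
    out[5] = 0x35; put_le32(out + 6, key);
    return 10;
}

/* Returns 1 if the little-endian encoding of imm occurs at any byte offset. */
int contains_imm(const uint8_t *buf, size_t len, uint32_t imm) {
    uint8_t pat[4];
    put_le32(pat, imm);
    for (size_t i = 0; i + 4 <= len; i++)
        if (memcmp(buf + i, pat, 4) == 0) return 1;
    return 0;
}

/* Value left in eax by the blinded sequence: XOR of its two immediates. */
uint32_t eval_blinded(const uint8_t *buf) {
    return get_le32(buf + 1) ^ get_le32(buf + 6);
}

int main(void) {
    const uint32_t imm = 0x11223344u, key = 0x5A17C0DEu; /* constructed */
    int leaked = contains_imm(code, jit_load_plain(code, imm), imm);
    int hidden = !contains_imm(code, jit_load_blinded(code, imm, key), imm);
    return (leaked && hidden && eval_blinded(code) == imm) ? 0 : 1;
}
```

The blinded form costs one extra instruction per constant, and because the key is unpredictable the bytes placed in executable memory no longer depend only on the value the untrusted program supplied.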