-1

Return Oriented Programming is a technique for bypassing DEP which is based on ret2libc. ROP is used for formatting the API function parameters in order to make reliable shellcode.

I don't get something. How does ROP make shellcoding reliable? Why should I use ROP instead of the old way, ret2libc?

  • 3
    Based on technical mistakes in this post, I don't think you will be able to grasp this concept until you spend a few thousand hours using a debugger and writing C and ASM. – rook Sep 13 '14 at 22:42

1 Answer

2

Exploit developers use ROP chains when there is no other option. ASLR limits where an exploit can jump reliably, as the heap and stack address will be randomized. However, some of the application's own functionality may not be randomized. When an attacker is forced into this position, they use a series of ROP gadgets to establish an environment that can reliably execute shellcode.

rook