![]() This area may be the same buffer overflowed during the attack or some other user-controlled area. In ROP, an attacker attempts to exploit a buffer overflow that causes the vulnerable function to return to an area of the program under the attacker’s control. The fact that an attacker can overwrite the return address of a function on the stack is the basis for return-oriented programming (ROP). This is useful to an attacker performing a buffer overflow, since the memory that will be overwritten by an overflowed buffer is the pointer to the next instruction to be executed. Typically, user input to a function will be stored in a local variable, meaning that it will be placed in the memory space directly above the return address on the stack.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |