September 26, 2016

Exploitation 105

Return Oriented Programming (ROP) is introduced and a modern history of exploit mitigations is revisted. Other *-oriented programming exploitation techniques are discussed at a high level like Jump Oriented Programming (JOP) and Call Oriented Programming (COP). We walk through how to chain functions together with the stack under various function calling conventions (cdecl, fastcall, stdcall), and introduce the concept of gadgets. ROP Gadget compilers are introduced briefly. Finally the second half of the lecture presents a review of topics for MIDTERM 2.

[ Slides ]

Interested in having your homework graded? Contact us to learn about grading options. The release schedule for this course is available here.

No comments:

Post a Comment

Note: Please keep comments academic in nature.