Anti-Rop

Discussion in 'other security issues & news' started by CloneRanger, Jan 11, 2012.

Thread Status:
Not open for further replies.
  1. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,918
    I know at least one person that might be interested in this ;)

     
  2. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,052
    Microsoft implementing it into EMET in 3..2..1.. :D Would be nice to have, EMET for the win. :)
     
  3. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    errrr is there any more information anywhere? lol

    I'm using Windows 8, which already has anti-ROP built in but I don't know if they work the same way.
     
  4. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Not exactly a confidence builder.
     
  5. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Yeah... I don't see a download link either. I've also never heard of these people.
     
  6. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I'm not even sure they're referring to software and not a hardware component.
     
  7. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    It says it patches files so I think software.

    I'm curious as to how they do detection (if this is legitimate) in any way different from win8.
     
  8. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,321
    Location:
    AmstelodamUM
    They obviously don't mind, using humour on their website. On the 'Synjector: Synapse's Code Integration Engine' webpage, they state about the engine;
    "Does the Framework works on Linux ? - Porting in Progress
    Is it based on another engine ? - NO, We coded it from scratch
    Defeats Aliens ? - YES
    Chuck Norris Approved ? - YES
    How does it work ? - We Don't Know !
    ". link

    I'm not really sure though what exactly can be taken lightheartedly and what seriously...
     
    Last edited: Jan 11, 2012
  9. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Me either. By the way, that link is broken.

    Anyways, if you want to defeat ROP just use ASLR. It makes it much more difficult (EMET/ 64bit OS.)

    EDIT: Or does it? I'm not sure since it uses a different tactic than typical rlibc
    EDIT2: As I suspected ASLR would not effect ROP directly but if the entire address space is randomized it will make it more difficult.

    http://www.garage4hackers.com/blogs/61/aslr-dep-bypassing-techniques-242/
     
    Last edited: Jan 11, 2012
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.