Smashing the Gadgets: Hindering Return-Oriented Programming Using In-Place Code Rando

Discussion in 'other security issues & news' started by Hungry Man, Mar 31, 2012.

Thread Status:
Not open for further replies.
  1. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
  2. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,851
    "Like". Looks like they'll be publishing an EMET-like solution soon.
     
  3. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    It would be very welcome. As mentioned in the article, ASLR does try to break ROP but it isn't perfect - programs have to be specifically compiled to become PIE and even then there are other issues.

    I don't know the state of things for Windows and PIE - on Android it's not supported, one of the major fallbacks of their recently implemented ASLR.

    I think that this would seriously pick up the slack from ASLR and the combination would drive up exploit costs substantially. On its own it's not as useful as ASLR is, it's definitely meant to be paired with it.

    They completely lost me in some areas though. From what I gathered this would be more or less effective depending on the program it's used on because it tries to prioritize compatibility.
     
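    The point above about ASLR depending on how a binary was built can be checked directly from file headers: a Linux executable only gets a randomized base if it is position-independent (ELF type ET_DYN), and a Windows image only opts in when the DYNAMICBASE flag is set in its PE optional header. The script below is an added example, not code from the paper or the forum post; it parses both header formats offline using constructed sample headers (the helper names and the sample images are assumptions made for the example).

```python
import struct
from typing import Optional

# ELF object types (from the ELF specification)
ET_EXEC = 2          # fixed-address executable: main image cannot be relocated by ASLR
ET_DYN = 3           # position-independent: PIE executables and shared objects

# PE DllCharacteristics bit (from the PE/COFF specification)
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040


def elf_is_pie(data: bytes) -> Optional[bool]:
    """True if the ELF image is ET_DYN, False if ET_EXEC, None if not ELF.

    Note: ET_DYN also covers shared libraries, so for a .so this reports True
    even though only the main executable's PIE status is usually in question."""
    if len(data) < 0x14 or data[:4] != b"\x7fELF":
        return None
    endian = "<" if data[5] == 1 else ">"          # EI_DATA: 1 = little, 2 = big
    (e_type,) = struct.unpack_from(endian + "H", data, 0x10)
    return e_type == ET_DYN


def pe_has_dynamic_base(data: bytes) -> Optional[bool]:
    """True if the PE image opts in to ASLR via DYNAMICBASE, False if not, None if not PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)   # offset of "PE\0\0"
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return None
    opt_hdr = e_lfanew + 4 + 20                            # signature + COFF file header
    if len(data) < opt_hdr + 72:
        return None
    # DllCharacteristics sits at offset 70 of the optional header for PE32 and PE32+
    (dll_chars,) = struct.unpack_from("<H", data, opt_hdr + 70)
    return bool(dll_chars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE)


def aslr_readiness(data: bytes) -> str:
    """Human-readable verdict for either format."""
    pie = elf_is_pie(data)
    if pie is not None:
        return "ELF: PIE (ET_DYN), ASLR can relocate it" if pie else \
               "ELF: ET_EXEC, main image loads at a fixed address"
    dyn = pe_has_dynamic_base(data)
    if dyn is not None:
        return "PE: DYNAMICBASE set, ASLR applies" if dyn else \
               "PE: DYNAMICBASE not set, image keeps its preferred base"
    return "unrecognized format"


# --- constructed sample headers (not real binaries) -------------------------

def fake_elf(e_type: int) -> bytes:
    """Minimal 64-byte ELF64 little-endian header with the given e_type."""
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)      # class64, LSB, version 1, padding
    return ident + struct.pack("<HH", e_type, 62) + bytes(64 - 20)  # e_machine 62 = x86-64


def fake_pe(dll_characteristics: int) -> bytes:
    """Minimal MZ + PE32 header skeleton with the given DllCharacteristics."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                  # e_lfanew: PE header follows DOS header
    coff = b"PE\0\0" + bytes(20)                           # signature + zeroed COFF header
    opt = bytearray(96)                                    # PE32 optional header (fixed part)
    struct.pack_into("<H", opt, 0, 0x10B)                  # PE32 magic
    struct.pack_into("<H", opt, 70, dll_characteristics)
    return bytes(dos) + coff + bytes(opt)


if __name__ == "__main__":
    for sample in (fake_elf(ET_DYN), fake_elf(ET_EXEC), fake_pe(0x0040), fake_pe(0)):
        print(aslr_readiness(sample))
```

    To audit a real file, read it in binary mode and pass the bytes to `aslr_readiness`; a result of ET_EXEC or a missing DYNAMICBASE flag is exactly the case where the main image stays at a known address and ASLR offers no protection for gadgets located in it.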
  4. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,317
    Location:
    AmstelodamUM
    Thanks for posting, haven't dug fully into the PDF yet.
    Searching a bit, I found the authors will give a presentation at the '2012 IEEE Symposium on Security and Privacy' link.
    Most of those presentations are waayyy over my head but surely plenty 'food for thought' there for other WSF members.
     