Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Return-oriented programming.


  • Please log in to reply
5 replies to this topic

#1 bwrighttwo

bwrighttwo

  • Members
  • 717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:11 PM

Posted 16 August 2014 - 09:27 PM

Anyone here know much about Return-oriented programming used maliciously?



BC AdBot (Login to Remove)

 


#2 Billy O'Neal

Billy O'Neal

    Visual C++ STL Maintainer


  • Malware Response Team
  • 12,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Redmond, Washington
  • Local time:03:11 PM

Posted 17 August 2014 - 04:22 AM

There's pretty much no legitimate reason to do it :)

 

Billy3


Twitter - My statements do not establish the official position of Microsoft Corporation, and are my own personal opinion. (But you already knew that, right?)
Posted Image

#3 bwrighttwo

bwrighttwo
  • Topic Starter

  • Members
  • 717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:11 PM

Posted 17 August 2014 - 12:21 PM

I am just trying to figure out some issues i am having. Not wanting to use it maliciously. LOL



#4 Billy O'Neal

Billy O'Neal

    Visual C++ STL Maintainer


  • Malware Response Team
  • 12,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Redmond, Washington
  • Local time:03:11 PM

Posted 17 August 2014 - 01:17 PM

What could you possibly want to do with ROP other than exploit vulnerabilities? It is far more efficient to just write the code you want for any legitimate purpose.

 

Billy3


Twitter - My statements do not establish the official position of Microsoft Corporation, and are my own personal opinion. (But you already knew that, right?)
Posted Image

#5 bwrighttwo

bwrighttwo
  • Topic Starter

  • Members
  • 717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:11 PM

Posted 17 August 2014 - 01:59 PM

Look,......This stuff is waaaaaay over my head. I have had unexplained issues with my machines since Nov/Dec 2011. No one seems to know what. I am sort of learning as i go. Thanks for your info.



#6 Billy O'Neal

Billy O'Neal

    Visual C++ STL Maintainer


  • Malware Response Team
  • 12,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Redmond, Washington
  • Local time:03:11 PM

Posted 18 August 2014 - 05:37 PM

ROP is a mechanism one uses when you find memory corruption in a memory area that is nonexecutable to effectively get code into that memory area. I'm not sure what you mean by "issues." Once an attacker is on the box they'd just install traditional program(s) -- they'd not need to keep using ROP.

Billy3
Twitter - My statements do not establish the official position of Microsoft Corporation, and are my own personal opinion. (But you already knew that, right?)
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users