
Binary Code Level ROP Variant Attack Technology

Posted on: 2019-04-14
Degree: Master
Type: Thesis
Country: China
Candidate: D Z Zhang
Full Text: PDF
GTID: 2428330566965480
Subject: Electronic and communication engineering
Abstract/Summary:
With the advancement of technology and the rapid spread of the Internet throughout society, computer systems and applications face more and more cyber attacks. Even with many protective measures already in place, attackers can still find vulnerabilities in a target system and use them maliciously. The return-oriented programming (ROP) attack is one of the most prominent of these attacks. Compared with traditional injection attacks, this code reuse attack effectively overcomes the limits imposed by non-executable stack protections such as DEP and NX. ROP is a new mode of exploitation whose core is code reuse. Specific defenses followed: for example, defenses based on the integrity of the return address can effectively prevent ROP attacks from being carried out. In addition, ROP cannot break segment randomization defenses, because the attack must first obtain dynamic library information. To solve these problems, this paper proposes new ROP variant attacks: a function pointer ROP attack and a ROP attack based on the dynamic loading mechanism. Research on new variant attacks will greatly promote the development of new computer defense measures. The main work of this paper is as follows:
(1) For the problem that injection attacks cannot break through the NX defense, this paper studies and implements the Return-to-libc attack and the ROP attack to bypass NX, and constructs ROP attacks both manually and automatically.
(2) To solve the problem that ROP attacks are easily limited by return address integrity protection, a function pointer ROP attack is proposed and implemented to bypass detection based on the return address.
(3) Because ROP attacks and function pointer ROP attacks cannot bypass ASLR protection mechanisms and have the disadvantage of having to leak dynamic library addresses, this paper implements a ROP attack based on a vulnerability in the ELF dynamic loading mechanism to overcome these problems.
Keywords/Search Tags:ROP attack, Return address, Control integrity check, Function Pointer ROP, ELF dynamic loading mechanism