An Introduction to Jump-Oriented Programming - An Alternative Code-Reuse Attack
CAE in Cybersecurity Community via YouTube
Syllabus
Intro
Code Reuse Attacks
Starting Low Level - A Simplified View
A (Very) Brief History on ROP
ROP Chain Output from Mona
JOP: Historical Timeline
Review: Key Elements of JOP
Dispatch Table and Dispatcher Gadget
What JOP Is and What JOP Is Not
JOP ROCKET Overview
Print Sub-menu
Flexibility
Automating Chain Generation
Automating JOP Chain Generation
Series of Multiple Stack Pivots
JOP Chain Sub-menu
JOP Chain for Virtual Protect
Automatic JOP Chain Construction
Using JOP to Avoid Bad Bytes
Stack Pivoting with JOP
Overwriting Dummy Values - Push
Real-World Exploit
Expanding the Dispatcher Gadget
Two-gadget Dispatcher: Jmp
Two-gadget Dispatcher: Call
Taught by
CAE in Cybersecurity Community