Explore an alternative code-reuse attack technique called Jump-Oriented Programming (JOP) in this comprehensive 53-minute lecture by Dr. Bramwell Brizendine. Begin with an introduction to code reuse attacks and a simplified low-level view before delving into a brief history of Return-Oriented Programming (ROP). Examine ROP chain output from Mona and trace the historical timeline of JOP. Review key elements of JOP, including the dispatch table and dispatcher gadget, while distinguishing what JOP is and is not. Discover the JOP ROCKET framework, focusing on its print sub-menu, flexibility, and automation of chain generation. Explore advanced topics such as multiple stack pivots, virtual protect JOP chains, and automatic JOP chain construction. Learn how to use JOP to avoid bad bytes and implement stack pivoting. Investigate real-world exploit scenarios and expand your understanding of dispatcher gadgets, including two-gadget dispatchers using jmp and call instructions.
An Introduction to Jump-Oriented Programming - An Alternative Code-Reuse Attack
CAE in Cybersecurity Community via YouTube
Overview
Syllabus
Intro
Code Reuse Attacks
Starting Low Level - A Simplified View
A (Very) Brief History on ROP
Rop Chain Output from Mona
JOP: Historical Timeline
Review: Key Elements of JOP
Dispatch Table and Dispatcher Gadget
What JOP Is and What JOP Is Not
JOP ROCKET Overview
Print Sub-menu
Flexibility
Automating Chain Generation
Automating JOP Chain Generation
Series of Multiple Stack Pivots
JOP Chain Sub-menu
JOP Chain for Virtual Protect
Automatic JOP Chain Construction
Using JOP to Avoid Bad Bytes
Stack Pivoting with JOP
Overwriting Dummy Values - Push
Real-World Exploit
Expanding the Dispatcher Gadget
Two-gadget Dispatcher: Jmp
Two-gadget Dispatcher: Call
Taught by
CAE in Cybersecurity Community
