Overview
Explore a groundbreaking DEF CON 31 conference presentation that revolutionizes return-oriented programming (ROP) through the introduction of ROP ROCKET, a sophisticated framework enabling unprecedented capabilities in exploit development. Learn how to leverage a special ROP Heaven's Gate technique to dynamically switch between x86 and x64 architectures when targeting 32-bit applications, significantly expanding potential attack vectors. Discover an innovative approach to DEP bypass using Windows syscalls instead of traditional WinAPI methods, with ROCKET's automatic ROP chain construction feature. Master advanced techniques for overcoming bad character limitations in gadget selection, effectively eliminating a major obstacle in ROP chain creation while gaining the ability to obfuscate gadget functionality. Delve into cutting-edge ROP methodologies that challenge conventional limitations and provide new perspectives even for experienced security researchers.
Syllabus
DEF CON 31 - Advanced ROP Framework Pushing ROP to Its Limits - Brizendine, Kusuma
Taught by
DEFCONConference