Dive deep into the world of Jump-Oriented Programming (JOP) and learn how to bypass Data Execution Prevention (DEP) in this comprehensive 57-minute conference talk from the Hack In The Box Security Conference. Explore the fundamental differences between JOP and Return-Oriented Programming (ROP), and discover why JOP has been largely overlooked in code-reuse attacks. Gain insights into the JOP ROCKET tool, developed by Dr. Bramwell Brizendine, which enables the discovery of dispatcher gadgets and automated construction of complete JOP gadget chains. Understand the nuances and challenges of crafting JOP exploits, including how to avoid using the stack for control flow. Learn about the potential defenses against JOP, such as Control Flow Guard (CFG), and scenarios where JOP attacks may still be effective. Watch live demonstrations of both manual and automated JOP exploit creation, and grasp the practical applications of this advanced exploitation technique in modern Windows environments.
Overview
Syllabus
#HITB2021AMS D1T1 - Bypassing DEP With Jump-Oriented Programming - B. Brizendine and A. Babcock
Taught by
Hack In The Box Security Conference
Related Courses
-
An Introduction to Jump-Oriented Programming - An Alternative Code-Reuse Attack
-
Pre-built JOP Chains with the JOP ROCKET - Bypassing DEP without ROP
-
Jumping the Fence - Comparison and Improvements for Existing Jump Oriented Programming Tools
-
Advanced ROP Framework - Pushing Return-Oriented Programming to Its Limits
-
Data-Oriented Programming - On the Expressiveness of Non-Control Data Attacks
-
Automatic Generation of ROP Chains
