Explore the world of Jump-oriented Programming (JOP) and learn how to bypass Data Execution Prevention (DEP) without using Return-oriented Programming (ROP) in this informative Black Hat conference talk. Discover the JOP ROCKET, a new reverse engineering and exploitation framework that enables the creation of pre-built JOP chains. Gain insights into the practical application of JOP, its advantages over ROP, and how to utilize the JOP ROCKET tool for exploit development. Examine topics such as Job Control Flow, the JOP Rocket interface, manual and automated generation approaches, and handling BadBytes. Presented by Austin Babcock and Bramwell Brizendine, this 37-minute talk provides a comprehensive overview of JOP techniques and tools for cybersecurity professionals and researchers interested in advanced exploit development methods.
Pre-built JOP Chains with the JOP ROCKET - Bypassing DEP without ROP
Overview
Syllabus
Intro
Agenda
Job Control Flow
Job Control Flow Diagram
Job Rocket Overview
Job Rocket Interface
Manual Approach
Automated Generation
BadBytes
Austin
Taught by
Black Hat
Related Courses
-
Bypassing DEP With Jump-Oriented Programming
-
Automatic Generation of ROP Chains
-
An Introduction to Jump-Oriented Programming - An Alternative Code-Reuse Attack
-
Jumping the Fence - Comparison and Improvements for Existing Jump Oriented Programming Tools
-
ROP with a 2nd Stack, or This Exploit is a Recursive Fibonacci Sequence Generator
-
Uncommon Sense - Detecting Exploits with Novel Hardware Performance Counters and ML Magic
