Jump oriented programming on windows platform (on the x86)

  • Authors: Jae-Won Min; Sung-Min Jung; Dong-Young Lee; Tai-Myoung Chung

  • Affiliations: Dept. of Computer Engineering, Sungkyunkwan University, Suwon-si, Gyeonggi-do, Korea; Dept. of Computer Engineering, Sungkyunkwan University, Suwon-si, Gyeonggi-do, Korea; Dept. of Information and Communication, Myong-ji College, Seoul, Korea; Dept. of Computer Engineering, Sungkyunkwan University, Suwon-si, Gyeonggi-do, Korea

  • Venue: ICCSA'12 Proceedings of the 12th international conference on Computational Science and Its Applications - Volume Part III
  • Year: 2012

Abstract

Non-executable memory pages were deployed in operating systems to defend against code injection attacks. However, this defense was bypassed by reusing code that already exists in process memory with execute permission. Return-Oriented Programming (ROP), one of the most well-known code reuse attacks, has been developed and widely used to exploit systems. ROP hijacks the control flow and returns to the middle of instruction sequences that end with a return instruction. These instruction sequences are called gadgets. Researchers proposed many ROP defense mechanisms, which mostly relied on the fact that ROP executes many return instructions. The proposed defenses, however, are not fundamental defenses. Researchers found that the concept of ROP can be implemented in Linux using jump instructions instead of return instructions, thereby successfully bypassing ROP defenses. However, no research was done on implementing the attack on non-Linux systems. In this paper, we show the possibility of implementing the JOP (Jump Oriented Programming) attack model on the Windows platform by presenting example gadgets, and we propose an algorithm for searching for JOP gadgets in Dynamic Link Libraries.