Классификация ROP гаджетов
https://doi.org/10.15514/ISPRAS-2016-28(6)-2
Аннотация
Список литературы
1. One A. Smashing the stack for fun and profit. Phrack magazine, v. 7, №. 49, 1996, pp. 14-16.
2. Hovav Shacham. The Geometry of Innocent Flash on the Bone: Return-into-libc without Function Calls (on the x86). 2007 ACM Conference on Computer and Communications Security (CCS), Proceedings of CCS 2007, pp. 552-561.
3. Edward J. Schwartz, Thanassis Avgerinos, David Brumley. Q: Exploit Hardening Made Easy. 2011 Usenix Security Symposium (SEC), Proceedings of SEC 2011.
4. Инструмент ROPgadget. https://github.com/JonathanSalwan/ROPgadget
5. V. A. Padaryan, M. A. Solovyev, A. I. Kononov. Simulation of operational semantics of machine instructions. Program. Comput. Software, vol. 37, № 3, 2011, pp. 161-170. DOI: 10.1134/S0361768811030030
6. G. F. Roglia, L. Martignoni, R. Paleari, D. Bruschi. Surgically Returning to Randomized lib(c). 2009 Annual Computer Security Applications Conference (ACSAC), Proceedings of ACSAC 2009, pp. 60-69.
7. CWE-123: Write-what-where Condition. http://cwe.mitre.org/data/definitions/123.html
Рецензия
Для цитирования:
Вишняков А.В. Классификация ROP гаджетов. Труды Института системного программирования РАН. 2016;28(6):27-36. https://doi.org/10.15514/ISPRAS-2016-28(6)-2
For citation:
Vishnyakov A.V. Classification of ROP gadgets. Proceedings of the Institute for System Programming of the RAS (Proceedings of ISP RAS). 2016;28(6):27-36. (In Russ.) https://doi.org/10.15514/ISPRAS-2016-28(6)-2