Play all

Intro

What is JOP?

Explaining Return Oriented Programming

In Depth Explanation

Dispatcher

Functional Gadgets

Basic Gadget Flavors

Current Tools

Issues to Consider: Basic Support

Issues to Consider: Architecture Support

Architecture Support in Popular ROP Gadget Tools

Actual Functionality Provided

Functionality Examples

Ropgadget

General Issues

Improving Basic Gadget Search

Improving Gadget Comprehension

Gadget Comprehension Strategies

Gadget Comprehension Example with Unicorn VM

Approaches to Gadget Composition

Corelan's ROP Algorithm from Mona.py

Technique: SMT Solver and Emulator

ARM Support

Adding New Architecture Support: AVR

The Current State of AVR Disassembler Framworks

How about Sparc?

Sparc Encoding Example

Overview

Ideas for the Future

Description:

Explore jump-oriented programming (JOP) and its comparison to return-oriented programming (ROP) in this 34-minute conference talk from ANYCon 2017. Delve into the intricacies of JOP, including dispatcher and functional gadgets, as well as basic gadget flavors. Examine current tools, their limitations, and potential improvements in areas such as basic support, architecture support, and gadget comprehension. Learn about innovative approaches to gadget composition, including the use of SMT solvers and emulators. Discover the challenges and opportunities in adding support for new architectures like ARM, AVR, and SPARC. Gain insights into the current state of disassembler frameworks and encoding examples. Conclude with an overview of JOP techniques and explore ideas for future developments in this field of cybersecurity.

Jumping the Fence - Comparison and Improvements for Existing Jump Oriented Programming Tools

Add to list

#Conference Talks #Information Security (InfoSec) #Cybersecurity #Software Security #Ethical Hacking #Exploit Development #Computer Science #Software Engineering #Formal Methods #SMT Solvers #Return-oriented Programming