Title :
Tazhi: A novel technique for hunting trampoline gadgets of jump oriented programming (A class of code reuse attacks)
Author :
Sadeghi, Ali-Akbar ; Aminmansour, Farzane ; Shahriari, Hamid-Reza
Author_Institution :
Dept. of Comput. Eng. & Inf. Technol., Amirkabir Univ. of Technol., Tehran, Iran
Abstract :
Code reuse attacks enable attackers to manipulate the memory and execute their own code on a target system without the need to inject any operating code in the memory space. Jump Oriented Programming is known as a class of this type which has two different kinds of implementation. The main idea is to chain different sequences of instructions terminated to an indirect jump by using controller gadgets called dispatchers or trampolines. This paper focuses on the second type of implementations which uses trampoline gadgets. Finding useful trampolines in different libraries is an issue that considered here. This paper shows useful intended and unintended trampolines available in some famous versions of libraries in Windows and Linux platforms. Additionally, our searching algorithm and a comparison between results of trampolines are presented.
Keywords :
Linux; object-oriented programming; security of data; Linux platforms; Tazhi; Windows platforms; code reuse attacks; controller gadgets; dispatchers; jump oriented programming; trampoline gadgets; Filtering algorithms; Libraries; Loading; Malware; Programming; Registers; Writing; Code Reuse Attacks; Jump Oriented Programming; Trampoline gadget;
Conference_Titel :
Information Security and Cryptology (ISCISC), 2014 11th International ISC Conference on
Conference_Location :
Tehran
DOI :
10.1109/ISCISC.2014.6994016
