Title :
Tiny jump-oriented programming attack (A class of code reuse attacks)
Author :
AliAkbar Sadeghi;Farzane Aminmansour;Hamid Reza Shahriari
Author_Institution :
Department of Computer Engineering and Information Technology, Amirkabir University of Technology, Tehran, Iran
Abstract :
Code reuse attacks such as return-oriented programming and jump-oriented programming have become the most popular exploitation methods among attackers. A large number of practical and non-practical defenses have been proposed that differ in their overhead, the source code requirement, detection rate and implementation dependencies. However, a usual aspect among them is to consider the common behavior of code reuse attacks, which is the construction of a gadget chain. Therefore, the implication of a gadget and the minimum size of an attack chain are a matter of controversy. Conservative or relaxed thresholds may cause false positive and false negative alarms, respectively. The main contribution of this paper is to provide a tricky aspect of code reuse techniques, called Tiny Jump-oriented Programming (Tiny-JOP), that demonstrates the ineffectiveness of the threshold-based detection methods. We demonstrate the effectiveness of our approach by implementing a sample proof-of-concept shell-code and exploiting a real-world buffer overflow vulnerability in HT Editor 2.0.20.
Keywords :
"Decision support systems","High definition video","Hafnium"
Conference_Title :
Information Security and Cryptology (ISCISC), 2015 12th International Iranian Society of Cryptology Conference on
DOI :
10.1109/ISCISC.2015.7387898