Patulous Code Reuse Attack: A novel code reuse attack on ARM architecture (A proof of concept on Android OS)

Nowadays, widespread growth in popularity of embedded devices, especially smart phones, stimulates many attackers to consider mobile devices as an attractive target platform. Among all various types of threats and attacks on smart phones, Code Reuse Attack (CRA) techniques are sparkling. Since the introduction of CRA techniques, many attack models have been proposed on different architectures and platforms (e.g. x86, SPARC, etc.). While the standard platform for embedded devices is ARM architecture, we concentrate on available ARM based CRAs. The main contribution of this paper is to consider some unique aspects of ARM architecture to provide a novel code reuse attack technique called Patulous Code Reuse Attack (PCRA) rather than currently available ROP and BLX-attacks. Our attack exploits all of the available machine instructions that change Program Counter (PC) register to deploy the principles of ROP convention. We demonstrate the effectiveness of our approach by defining three different submodels and introducing a useful set of gadgets as well as a sample proof of concept exploit on Android 5.0.1 platform.