Return-Oriented Programming

GPTKB entity

Statements (35)
Predicate Object
gptkbp:instanceOf exploitation technique
gptkbp:abbreviation gptkb:ROP
gptkbp:canBeBypassedBy gptkb:Data_Execution_Prevention
gptkb:DEP
W^X policy
non-executable memory protections
gptkbp:category cybercrime
exploit
computer security exploit
code reuse attack
gptkbp:compatibleWith injection of new code
gptkbp:countermeasures gptkb:Address_Space_Layout_Randomization
gptkb:Control_Flow_Integrity
stack canaries
shadow stacks
gptkbp:exploits existing code in memory
gptkbp:firstDescribed 2007
gptkbp:gadgetsAre short instruction sequences ending with return
https://www.w3.org/2000/01/rdf-schema#label Return-Oriented Programming
gptkbp:notableContributor gptkb:Hovav_Shacham
Erik Buchanan
Ryan Roemer
Stephen Checkoway
gptkbp:notablePublication Return-Oriented Programming: Systems, Languages, and Applications (IEEE S&P 2007)
gptkbp:relatedTo jump-oriented programming
call-oriented programming
code reuse attack
stack buffer overflow
gptkbp:target program control flow
gptkbp:usedIn computer security
software exploitation
gptkbp:uses gadgets
gptkbp:bfsParent gptkb:ARM_Pointer_Authentication
gptkb:ROP
gptkbp:bfsLayer 7