Statements (34)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:computer_security_exploit_technique
|
| gptkbp:abbreviation |
gptkb:ROP
|
| gptkbp:category |
gptkb:cyberattack_technique
code reuse attack software exploitation |
| gptkbp:compatibleWith |
injecting new code
|
| gptkbp:countermeasures |
stack canaries
address space layout randomization control-flow integrity non-executable stack |
| gptkbp:describedBy |
Hovav Shacham's 2007 paper
|
| gptkbp:enables |
privilege escalation
arbitrary code execution |
| gptkbp:exploits |
existing code in memory
|
| gptkbp:field |
computer security
cybersecurity |
| gptkbp:firstDescribed |
2007
|
| gptkbp:inventedBy |
gptkb:Hovav_Shacham
|
| gptkbp:opposedBy |
modern compiler mitigations
|
| gptkbp:relatedTo |
stack smashing
buffer overflow code reuse attack control-flow hijacking return-to-libc attack |
| gptkbp:requires |
executable code fragments (gadgets)
vulnerable program |
| gptkbp:technique |
chains short instruction sequences ending in return
|
| gptkbp:usedFor |
code execution
exploiting software vulnerabilities bypassing security defenses |
| gptkbp:variant |
return-to-libc attack
|
| gptkbp:bfsParent |
gptkb:Intel_Control-Flow_Enforcement_Technology
|
| gptkbp:bfsLayer |
7
|
| https://www.w3.org/2000/01/rdf-schema#label |
Return-oriented programming
|