How do I find a stack pivot in return oriented programming?

Asked by AnilJha in Cyber Security, Feb 3, 2022

I have a program with a heap overflow. It contains some code that is not randomised (is not using ASLR). I want to do a return-oriented programming exploit. Since this is a heap overflow, the first thing I need to do is find a stack pivot, so I can get RSP pointing to a known memory address where my ROP program lives.


What are the state-of-the-art ways to find a stack pivot? What instruction sequences should I look for? Is there a list/database of instruction sequences that can be used as stack pivots?


Also, are there any defences/mitigations I need to watch out for, or that it would help to be aware of?

Answered by Anisha Dalal

To know how to find the stack pivot, you must have a look at mona by corelan: https://www.corelan.be/index.php/2011/07/14/mona-py-the-manual/
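Added example, not part of the question or the answer above: a minimal byte-pattern scanner for the x86-64 stack-pivot gadgets that tools such as mona's stackpivot command look for (xchg/mov into rsp, pop rsp, leave, add/sub rsp). The pattern table, the `find_pivots` function, the `SAMPLE_TEXT` byte string (a constructed snippet, not taken from any real binary) and the 0x400000 load address are all assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Encodings of common x86-64 stack-pivot gadgets, each ending in ret.
   A 0x00 mask byte is a wildcard, used for the imm8 of "add/sub rsp, imm8". */
struct pivot_pattern {
    const char *text;
    uint8_t bytes[5];
    uint8_t mask[5];
    size_t len;
};

static const struct pivot_pattern PATTERNS[] = {
    { "xchg rax, rsp ; ret", {0x48, 0x94, 0xc3},             {0xff, 0xff, 0xff},             3 },
    { "xchg eax, esp ; ret", {0x94, 0xc3},                   {0xff, 0xff},                   2 },
    { "mov rsp, rax ; ret",  {0x48, 0x89, 0xc4, 0xc3},       {0xff, 0xff, 0xff, 0xff},       4 },
    { "mov rsp, rbp ; ret",  {0x48, 0x89, 0xec, 0xc3},       {0xff, 0xff, 0xff, 0xff},       4 },
    { "pop rsp ; ret",       {0x5c, 0xc3},                   {0xff, 0xff},                   2 },
    { "leave ; ret",         {0xc9, 0xc3},                   {0xff, 0xff},                   2 },
    { "add rsp, imm8 ; ret", {0x48, 0x83, 0xc4, 0x00, 0xc3}, {0xff, 0xff, 0xff, 0x00, 0xff}, 5 },
    { "sub rsp, imm8 ; ret", {0x48, 0x83, 0xec, 0x00, 0xc3}, {0xff, 0xff, 0xff, 0x00, 0xff}, 5 },
};
#define NPATTERNS (sizeof PATTERNS / sizeof PATTERNS[0])

struct pivot_hit {
    size_t offset;                    /* byte offset of the gadget in the scanned region */
    const struct pivot_pattern *pat;
    uint8_t imm;                      /* the wildcard byte (imm8); 0 when the pattern has none */
};

/* Try every pattern at every byte offset. Gadgets need not be instruction-aligned,
   so a REX-prefixed gadget also yields its 32-bit form one byte later. */
size_t find_pivots(const uint8_t *code, size_t len, struct pivot_hit *out, size_t max_out)
{
    size_t n = 0;
    for (size_t i = 0; i < len && n < max_out; i++) {
        for (size_t p = 0; p < NPATTERNS; p++) {
            const struct pivot_pattern *pat = &PATTERNS[p];
            if (pat->len > len - i) continue;
            uint8_t imm = 0;
            size_t k;
            for (k = 0; k < pat->len; k++) {
                if ((code[i + k] & pat->mask[k]) != pat->bytes[k]) break;
                if (pat->mask[k] == 0) imm = code[i + k];
            }
            if (k == pat->len) {
                out[n].offset = i;
                out[n].pat = pat;
                out[n].imm = imm;
                n++;
                break;                /* one report per offset */
            }
        }
    }
    return n;
}

/* Constructed sample of machine code (hypothetical, not from any real binary):
   a function prologue followed by a handful of gadget-shaped byte sequences. */
static const uint8_t SAMPLE_TEXT[] = {
    0x55, 0x48, 0x89, 0xe5,             /*  0: push rbp ; mov rbp, rsp          */
    0x48, 0x83, 0xec, 0x20,             /*  4: sub rsp, 0x20 (no ret follows)   */
    0x90, 0x90,                         /*  8: nop ; nop                        */
    0xc9, 0xc3,                         /* 10: leave ; ret                      */
    0x48, 0x94, 0xc3,                   /* 12: xchg rax, rsp ; ret              */
    0x31, 0xc0,                         /* 15: xor eax, eax                     */
    0x48, 0x83, 0xc4, 0x28, 0xc3,       /* 17: add rsp, 0x28 ; ret              */
    0x5d, 0xc3,                         /* 22: pop rbp ; ret  (not a pivot)     */
    0x5c, 0xc3,                         /* 24: pop rsp ; ret                    */
    0x48, 0x89, 0xc4, 0xc3,             /* 26: mov rsp, rax ; ret               */
};

int main(void)
{
    const uint64_t base = 0x400000;     /* hypothetical load address of the non-ASLR module */
    struct pivot_hit hits[16];
    size_t n = find_pivots(SAMPLE_TEXT, sizeof SAMPLE_TEXT, hits, 16);
    for (size_t i = 0; i < n; i++) {
        printf("0x%08llx  %s", (unsigned long long)(base + hits[i].offset), hits[i].pat->text);
        if (hits[i].imm) printf("  (imm8 = 0x%02x)", hits[i].imm);
        putchar('\n');
    }
    return 0;
}
```

Two things the scan shows that a practitioner should keep in mind: the `94 c3` hit at offset 13 is the same bytes as the `48 94 c3` gadget entered one byte later (a misaligned gadget), and because `xchg eax, esp` in 64-bit mode zero-extends into rsp it only pivots to addresses below 4 GB. A fixed-encoding matcher like this misses gadgets using other registers or `ret imm16`; a real gadget finder disassembles every offset of the non-randomised module and filters on instructions that write rsp.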


