| 1 |
On Tue, 26 Mar 2013 19:45:39 +0100 |
| 2 |
"Tóth Attila" <atoth@××××××××××.hu> wrote: |
| 3 |
|
| 4 |
> I ment: how to do ROP in python and how a compiled python script can be an |
| 5 |
> objective of a ROP attack? If the attacker carefuly studies the way how |
| 6 |
> exactly the script becomes executable code in memory, it gains control on |
| 7 |
> a mechanism to plant the necessary pre-designed snippets needed for the |
| 8 |
> actual exploit. |
| 9 |
|
| 10 |
ROP-based exploitation requires the attacker to have exact knowledge |
| 11 |
about content and layout of the bytecode (which contains |
| 12 |
potential ROP gadgets) in memory, ability to store arbitrary data at |
| 13 |
some known or appropriate location and ability to purposefully affect |
| 14 |
execution flow (in cases when the natural execution flow won't |
| 15 |
"execute" the payload eventually). With those requirements met, it |
| 16 |
should be much easier to store some raw bytecode (or source code, in |
| 17 |
case of pure interpreters) somewhere and then make it interpreted by |
| 18 |
the language runtime. |
Archives