On Tue, 26 Mar 2013 19:45:39 +0100
"Tóth Attila" <atoth@××××××××××.hu> wrote:

> I meant: how to do ROP in python and how a compiled python script can be an
> objective of a ROP attack? If the attacker carefully studies the way how
> exactly the script becomes executable code in memory, it gains control on
> a mechanism to plant the necessary pre-designed snippets needed for the
> actual exploit.

ROP-based exploitation requires the attacker to have exact knowledge
about content and layout of the bytecode (which contains
potential ROP gadgets) in memory, ability to store arbitrary data at
some known or appropriate location and ability to purposefully affect
execution flow (in cases when the natural execution flow won't
"execute" the payload eventually). With those requirements met, it
should be much easier to store some raw bytecode (or source code, in
case of pure interpreters) somewhere and then make it interpreted by
the language runtime.