scholarly journals Return Oriented Programming - Exploit Implementation using Pwntools

2020 ◽  
pp. 194-198
Author(s):  
Jayesh Zala
Keyword(s):  
Operating System ◽  
Buffer Overflow ◽  
Machine Code ◽  
Software Vulnerabilities ◽  
New Findings ◽  
Protection Mechanisms ◽  
Return Oriented Programming ◽  
Turing Complete

<p>A common approach to leverage software vulnerabilities in the contemporary operating system has been the Return-Oriented Programming(ROP) attack. Although protection mechanisms are involved in the OS, an attacker may execute arbitrary code with the support of ROP. A decade ago, Return Oriented programming was designed to solve the buffer overflow exploit security mechanisms such as ASLR, DEP (or W?X) by reusing the machine code in the form of gadgets that are stitched together to render a full assault on Turing. And it will take more complex efforts to conduct a Turing complete attack, and very little data is possible to perform it with raw input. Therefore, in this project, we are systematizing the interpretation of the new findings that can be used to carry out a full ROP attack with the help of pwntools python library.</p>

scholarly journals Methodology for Forensics Data Reconstruction on Mobile Devices with Android Operating System Applying In-System Programming and Combination Firmware

2020 ◽  
Vol 10 (12) ◽  
pp. 4231
Author(s):  
Claudinei Morin da Silveira ◽  
Rafael T. de Sousa Jr ◽  
Robson de Oliveira Albuquerque ◽  
Georges D. Amvame Nze ◽  
Gildásio Antonio de Oliveira Júnior ◽  
...  
Keyword(s):  
Operating System ◽  
Data Acquisition ◽  
Mobile Devices ◽  
Forensic Analysis ◽  
Main Memory ◽  
Protection Mechanism ◽  
Data Preservation ◽  
Protection Mechanisms ◽  
Android Operating System ◽  
System Programming

This paper proposes a new forensic analysis methodology that combines processes, techniques, and tools for physical and logical data acquisition from mobile devices. The proposed methodology allows an overview of the use of the In-System Programming (ISP) technique with the usage of Combination Firmware, aligned with specific collection and analysis processes. The carried out experiments show that the proposed methodology is convenient and practical and provides new possibilities for data acquisition on devices that run the Android Operating System with advanced protection mechanisms. The methodology is also feasible in devices compatible with the usage of Joint Test Action Group (JTAG) techniques and which use Embedded Multimedia Card (eMMC) or Embedded Multi-Chip Package (eMCP) as main memory. The techniques included in the methodology are effective on encrypted devices, in which the JTAG and Chip-Off techniques prove to be ineffective, especially on those that have an unauthorized access protection mechanism enabled, such as lock screen password, blocked bootloader, and Factory Reset Protection (FRP) active. Studies also demonstrate that data preservation and integrity are maintained, which is critical to a digital forensic process.

Operating System Simulator to Translate Assembler Code to Machine Code

2017 ◽  
Vol 51 (1) ◽  
pp. 58-63
Author(s):  
Enrique Ayala ◽  
◽  
Francisco A Madera ◽  
Luis Basto
Keyword(s):  
Operating System ◽  
Machine Code ◽  
Assembler Code

scholarly journals An automated approach to fix buffer overflows

2020 ◽  
Vol 10 (4) ◽  
pp. 3777
Author(s):  
Aamir Shahab ◽  
Muhammad Nadeem ◽  
Mamdouh Alenezi ◽  
Raja Asif
Keyword(s):  
Software Security ◽  
Mitigation Strategies ◽  
Buffer Overflow ◽  
Public Security ◽  
Analysis Tool ◽  
Security Vulnerabilities ◽  
Software Vulnerabilities ◽  
Buffer Overflows ◽  
Different Types ◽  
Static Analysis Tool

Buffer overflows are one of the most common software vulnerabilities that occur when more data is inserted into a buffer than it can hold. Various manual and automated techniques for detecting and fixing specific types of buffer overflow vulnerability have been proposed, but the solution to fix Unicode buffer overflow has not been proposed yet. Public security vulnerability repository e.g., Common Weakness Enumeration (CWE) holds useful articles about software security vulnerabilities. Mitigation strategies listed in CWE may be useful for fixing the specified software security vulnerabilities. This research contributes by developing a prototype that automatically fixes different types of buffer overflows by using the strategies suggested in CWE articles and existing research. A static analysis tool has been used to evaluate the performance of the developed prototype tools. The results suggest that the proposed approach can automatically fix buffer overflows without inducing errors.

A Function Level Randomization Technique to Mitigate ROP Attacks

2013 ◽  
Vol 765-767 ◽  
pp. 871-878
Author(s):  
Liang Xiao ◽  
Xun Zhan ◽  
Tao Zheng
Keyword(s):  
Binary Code ◽  
Buffer Overflow ◽  
Target System ◽  
Limited Time ◽  
Brute Force ◽  
Address Space ◽  
Return Oriented Programming ◽  
Space Layout ◽  
Address Space Layout Randomization

ROP (Return-Oriented Programming) is a kind of attack technique which makes use of the existing binary code of target systems. ASLR (Address Space Layout Randomization) is widely used to protect systems from buffer-overflow attacks by introducing artificial diversity to software. With ASLR software can be immune from ROP attacks to some extent. Due to the fact that ASLR cant randomize base addresses of executables code segments and its utility on 32-bit architectures is limited by the number of bits available for address randomization, attackers can successfully exploit a target system by using brute force in limited time. Thus, we proposed FLR, a function level randomization technique to mitigate ROP attacks. FLR randomly permutes functions in executables, making attackers assumptions on executables incorrect. We implemented a prototype of FLR and randomized ten executables. ROP attacks succeeded without FLR and failed with FLR.

scholarly journals REQUIREMENTS FOR AXIS PROTECTION MECHANISMS WITHIN THE CLASS OF USE

2020 ◽  
pp. 40-49
Author(s):  
Alexey Bychkov ◽  
Yanina Shestak
Keyword(s):  
Operating System ◽  
Information System ◽  
General Purpose ◽  
Software Safety ◽  
Specialized Software ◽  
Computer Equipment ◽  
Protection Mechanisms ◽  
General Purpose Computer ◽  
Closed Source ◽  
Working Out

One of the components of modern information systems is general-purpose computer equipment on which specialized software is installed or on which specialized software is working. This computer equipment requires a general-purpose operating system. To protect the information system it is necessary to protect all its links, including the operating system. In particular, in case of client-server technologies it is necessary to pay attention both to protection of server component and to protection of a client component. Protection of an operating system demands understanding, within what limits of what information system the OS will work, what working conditions and restrictions are imposed on the protected environment, what threats to the protected environment is required, what mechanisms is it possible to provide with protection of the environment necessary to us and what "price" of their application or nonapplication and other will be. Therefore, software safety should rely on a policy of safety of an operating system, expanding and specifying it and as much as possible. It is necessary to rely on safety mechanisms which are provided by an operating system or information system at software working out. This is necessary for unification and simplification of system of safety, simplification of its service, at the expense of reduction of quantity of the mechanisms created for the decision of the same problem. It is also necessary to apply typical and well-known components and standards, to avoid components with the closed source code as much as possible, or components which do not support, or incorrectly support typical standards.

Knowledge-based systems, Lisp, and very high level implementation languages

1992 ◽  
Vol 7 (2) ◽  
pp. 147-155
Author(s):  
Eric Sandewall
Keyword(s):  
Operating System ◽  
Programming Languages ◽  
Knowledge Based Systems ◽  
Machine Code ◽  
Low Level ◽  
Knowledge Based ◽  
High Level ◽  
Very High

AbstractIt is usually agreed that programming languages for implementing (other) programming languages, or ‘implementation languages’, should be simple low-level languages which are close to the machine code and to the operating system. In this paper it is argued that a very high level implementation language is a good idea, of particular importance for knowledge-based systems, and that Lisp (as a language and as a system) is very well suited to be a very high level implementation language. The significance of special-purpose programming languages is also discussed, and the requirements that they have for a very high level implementation language are considered.

scholarly journals Methods for automated formation of a disassembled listing structure

2019 ◽  
pp. 1-16
Author(s):  
Aleksandr Vladimirovich Revnivykh ◽  
Anatolii Sergeevich Velizhanin
Keyword(s):  
Automated Analysis ◽  
Machine Code ◽  
Static And Dynamic Analysis ◽  
Software Vulnerabilities ◽  
Binary File ◽  
Software Products ◽  
Automatic Mode ◽  
Initial Stage ◽  
The Matrix

The subject of the research is the method of splitting a disassembled code into logical blocks in automatic mode, searching for software vulnerabilities without using source code (using a binary file or its equivalent, obtained by reverse engineering).The object of the research is the existing code analyzers and features of their functionality.The aim of the study is to consider the possibility of splitting a disassembled code into logical blocks in automatic mode and some of the possible difficulties associated with this.Formulation of the problem. The complexity of analyzing large software products at the level of machine code necessitates the automation of this process. The research methodology is based on a combination of theoretical and empirical approaches using the methods of static and dynamic analysis, comparison, generalization, algorithmization, modeling, synthesis. Key findings. Splitting the code into blocks by sequential in line-by-line analysis of machine code in some cases can lead to misinterpretation. In addition, the analysis of the code according to the conclusions of the functions also does not guarantee the correctness of the determination of the boundaries of the functions. However, in general, the matrix method can be applied to analyze the dependencies of functions on the blocks of code thus selected.The scientific novelty is connected with the determination of promising vectors for the study of software code for vulnerability, the rationale for the approach (building the transition matrix from integer values), which may be the initial stage of preparation for the automated analysis of the disassembled code.

Sign in / Sign up

Export Citation Format

Share Document