Return-oriented programming (ROP)

by Nicolas Bailluet
01/12/2022
DiverSE Coffee
Rennes, France

Abstract

Modern security exploits are based on code-reuse techniques. These techniques allow attackers to bypass non-executable memory constraints (NX bit), which prevent them from injecting malicious code into a program’s data sections and executing it. One of the first and most popular code-reuse attacks is Return-Oriented Programming (ROP).

How does it work? How does one mitigate ROP attacks? Is it still exploitable nowadays? In this presentation, we will quickly review what led to the invention of code-reuse attacks and how ROP works. Then we will give an overview of some existing countermeasures and their efficiency, and see whether ROP is still relevant nowadays.