Skip to Main Content Area
CPS-VO
Contact Support
Browse
Calendar
Announcements
Repositories
Groups
Search
Search for Content
Search for a Group
Search for People
Search for a Project
Tagcloud
› Go to login screen
Not a member?
Click here to register!
Forgot username or password?
Cyber-Physical Systems Virtual Organization
Read-only archive of site from September 29, 2023.
CPS-VO
code pointers
biblio
Position-Independent Code Reuse: On the Effectiveness of ASLR in the Absence of Information Disclosure
Submitted by aekwall on Mon, 11/09/2020 - 1:11pm
Layout
Vulnerability
source code (software)
software reusability
Software
security of data
security
Resiliency
relative memory
pubcrawl
Position-Independent Code-Reuse Attacks
Payloads
multiple position-independent ROP
Memory management
address-space layout randomization
just-in-time code-reuse attacks
Information Reuse and Security
information disclosure mitigation
information disclosure detection
exploitation
Electronic mail
computer science
Compositionality
code pointers
code gadgets
code addresses
ASLR
advanced attacker
biblio
STEROIDS for DOPed Applications: A Compiler for Automated Data-Oriented Programming
Submitted by grigby1 on Mon, 03/23/2020 - 3:58pm
ROP chain
Just-in-Time
just-in-time gadget search
low-level DOP data structures
Manuals
memory corruption vulnerabilities
object-oriented programming
online front-ends
Payloads
pointer chain
program compilers
program debugging
relocate gadget addresses
JIT-ROP attack
scripting engine
Slang
software reusability
Steroids
STEROIDS compiles
Turing machines
Turing-complete computations
vastly different vulnerabilities
vulnerability-independent
Web browser
wide-spread adoption
rop attacks
automated data-oriented programming
Engines
pubcrawl
Human behavior
Human Factors
resilience
Resiliency
Scalability
Prototypes
composability
Program processors
programming
64-bit applications
security of data
code pointers
code-reuse attacks
code-reuse chain
code-reuse techniques
compiler
conventional code-injection
data structures
data-oriented programming
DOP exploits
DOPed applications
exploitation
high-level language SLANG
