アール‐オー‐ピー【ROP】
読み方:あーるおーぴー
ROP run of paper,run of press
Return-oriented programming
(Rop から転送)
出典: フリー百科事典『ウィキペディア(Wikipedia)』 (2023/06/24 14:37 UTC 版)
Return-oriented programming(ROP)は、実行保護やコード署名などのセキュリティ防御の機構が存在するマシンで任意コードの実行を可能にするセキュリティエクスプロイトである[1][2][3]。
- ^ “Check Point Secure Platform Hack” (英語). Pentest. Barcelona, Spain: Pentest Consultores. pp. 219 (2007年10月1日). 2023年1月6日閲覧。
- ^ “Thread: CheckPoint Secure Platform Multiple Buffer Overflows”. The Check Point User Group. 2021年4月17日時点のオリジナルよりアーカイブ。2023年1月6日閲覧。
- ^ “Return-Oriented Programming: Exploits Without Code Injection”. 2009年8月12日閲覧。
- ^ “When Good Instructions Go Bad: Generalizing Return-Oriented Programming to RISC”. Proceedings of the 15th ACM conference on Computer and communications security - CCS '08. (October 2008). pp. 27–38. doi:10.1145/1455770.1455776. ISBN 978-1-59593-810-7
- ^ Microsoft Windows XP SP2 Data Execution Prevention
- ^ Solar Designer, Return-into-lib(c) exploits, Bugtraq
- ^ Nergal, Phrack 58 Article 4, return-into-lib(c) exploits
- ^ Sebastian Krahmer, x86-64 buffer overflow exploits and the borrowed code chunks exploitation technique, September 28, 2005
- ^ Abadi, M. N.; Budiu, M.; Erlingsson, Ú.; Ligatti, J. (November 2005). “Control-Flow Integrity: Principles, Implementations, and Applications”. Proceedings of the 12th ACM conference on Computer and communications security - CCS '05. pp. 340–353. doi:10.1145/1102120.1102165. ISBN 1-59593-226-7
- ^ Abadi, M. N.; Budiu, M.; Erlingsson, Ú.; Ligatti, J. (October 2009). “Control-flow integrity principles, implementations, and applications”. ACM Transactions on Information and System Security 13: 1–40. doi:10.1145/1609956.1609960.
- ^ a b c Shacham, H. (October 2007). “The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86)”. Proceedings of the 14th ACM conference on Computer and communications security - CCS '07. pp. 552–561. doi:10.1145/1315245.1315313. ISBN 978-1-59593-703-2
- ^ Jonathan Salwan and Allan Wirth, ROPgadget - Gadgets finder and auto-roper
- ^ [Shacham et al., 2004] Hovav Shacham, Matthew Page, Ben Pfaff, Eu-Jin Goh, Nagendra Modadugu, and Dan Boneh. On the effectiveness of address-space randomization. In Proceedings of the 11th ACM conference on Computer and Communications Security (CCS), 2004.
- ^ [Bennett et al., 2013] James Bennett, Yichong Lin, and Thoufique Haq. The Number of the Beast, 2013. https://www.fireeye.com/blog/threat-research/2013/02/the-number-of-the-beast.html
- ^ CHECKOWAY, S., DAVI, L., DMITRIENKO, A., SADEGHI, A.-R., SHACHAM, H., AND WINANDY, M. 2010. Return-oriented programming without returns. In Proceedings of CCS 2010, A. Keromytis and V. Shmatikov, Eds. ACM Press, 559–72
- ^ ONARLIOGLU, K., BILGE, L., LANZI, A., BALZAROTTI, D., AND KIRDA, E. 2010. G-Free: Defeating return-oriented programming through gadget-less binaries. In Proceedings of ACSAC 2010, M. Franz and J. McDermott, Eds. ACM Press, 49–58.
- ^ Skowyra, R.; Casteel, K.; Okhravi, H.; Zeldovich, N.; Streilein, W. (October 2013). “Systematic Analysis of Defenses against Return-Oriented Programming”. Research in Attacks, Intrusions, and Defenses. Lecture Notes in Computer Science. 8145. pp. 82–102. doi:10.1007/978-3-642-41284-4_5. ISBN 978-3-642-41283-7. オリジナルの2014-02-22時点におけるアーカイブ。
- ^ Venkat, Ashish; Shamasunder, Sriskanda; Shacham, Hovav; Tullsen, Dean M. (2016-01-01). “HIPStR: Heterogeneous-ISA Program State Relocation”. Proceedings of the Twenty-First International Conference on Architectural Support for Programming Languages and Operating Systems. ASPLOS '16 (New York, NY, USA: ACM): 727–741. doi:10.1145/2872362.2872408. ISBN 9781450340915.
- ^ Hiser, J.; Nguyen-Tuong, A.; Co, M.; Hall, M.; Davidson, J. W. (May 2012). “ILR: Where'd My Gadgets Go?”. 2012 IEEE Symposium on Security and Privacy. pp. 571–585. doi:10.1109/SP.2012.39. ISBN 978-1-4673-1244-8
- ^ US 9135435, Venkat, Ashish; Arvind Krishnaswamy & Koichi Yamada et al., "Binary translator driven program state relocation", published 2015-09-15, assigned to Intel Corp.
- ^ Vasilis Pappas. kBouncer: Efficient and Transparent ROP Mitigation. April 2012.
- 1 Return-oriented programmingとは
- 2 Return-oriented programmingの概要
- 3 防御
- 4 関連項目
- Ropのページへのリンク