A Framework for Automated Architecture-Independent Gadget Search
نویسندگان
چکیده
We demonstrate that automated, architecture-independent gadget search is possible. Gadgets are code fragments which can be used to build unintended programs from existing code in memory. Our contribution is a framework of algorithms capable of locating a Turing-complete gadget set. Translating machine code into an intermediate language allows our framework to be used for many different CPU architectures with minimal architecture-dependent adjustments. We define the paradigm of free-branch instructions to succinctly capture which gadgets will be found by our framework and investigate side effects of the gadgets produced. Furthermore we discuss architectural idiosyncrasies for several widely spread CPU architectures and how they need to be taken into account by the generic algorithms when locating gadgets.
منابع مشابه
Everybody be cool, this is a roppery!
We present algorithms which allow an attacker to search for and compose gadgets regardless of the underlying architecture using the REIL meta language. Gadgets are code fragments which can be used to build unintended programs from existing code in memory. Our contribution is a framework of algorithms capable of locating a Turing-complete gadget set and a returnoriented compiler for the ARM arch...
متن کاملQuery Architecture Expansion in Web Using Fuzzy Multi Domain Ontology
Due to the increasing web, there are many challenges to establish a general framework for data mining and retrieving structured data from the Web. Creating an ontology is a step towards solving this problem. The ontology raises the main entity and the concept of any data in data mining. In this paper, we tried to propose a method for applying the "meaning" of the search system, But the problem ...
متن کاملA new memetic algorithm for mitigating tandem automated guided vehicle system partitioning problem
Automated Guided Vehicle System (AGVS) provides the flexibility and automation demanded by Flexible Manufacturing System (FMS). However, with the growing concern on responsible management of resource use, it is crucial to manage these vehicles in an efficient way in order reduces travel time and controls conflicts and congestions. This paper presents the development process of a new Memetic Alg...
متن کاملOrganizational Information Architecture Meta-Method for Organizational Website, Case study: Central Insurance of the Islamic Republic of Iran
Background and Aim: Information Architecture is an organizational meta-method that adopts a strategic approach to the specialized information of the organization using an integrated framework and enables the management of organizational resources by acquiring and upgrading new information technologies. Therefore, it is essential to be part of the current processes of the organization and the in...
متن کاملAutomated Multi-architectural Discovery of CFI-Resistant Code Gadgets
Memory corruption vulnerabilities are still a severe threat for software systems. To thwart the exploitation of such vulnerabilities, many different kinds of defenses have been proposed in the past. Most prominently, Control-Flow Integrity (CFI) has received a lot of attention recently. Several proposals were published that apply coarse-grained policies with a low performance overhead. However,...
متن کامل