Return Oriented Programming Compiler

I'm trying to better understand my computer on the lower levels and what better way is there other than writing stack buffer overflow exploits? I recently came across ROP. I read the paper http://cseweb.ucsd.edu/~hovav/talks/blackhat08.html and it mentioned there was a compiler for ROB code. What is the name of such a compiler for开发者_JAVA百科 linux (64bit)?

Thanks, Konstantin

I was one of the researchers on this project at UCSD and wrote the C-to-exploit-string compiler portion. The specific work you are referring to was SPARC-specific (and further tailored to a known Solaris libc binary). These papers actually give a better overview of what we did (and generalizations and programming approaches):

• Our original CCS 2008 paper
• Updated, generalized manuscript

For Linux + x64, there have been many tools for ROP attack creation since our research, which you can find generally by searching the web. And most of these are far more useful and user-friendly than our (now relatively old) research-specific tools.

Let me just offer a suggestion that if you want to understand the lower levels of your Linux system and haven't already done so, consider a "stepped" approach with the following:

1. "Old-School" Stack Injection: Disable non-executable stack protection on your box, and just inject shell code. Lot's of resources here -- start with Aleph One's seminal "Smashing The Stack For Fun And Profit" (widely available on the web).
2. Return-to-Libc: Re-enable non-executable stacks, and try to create a custom payload to jump into libc (probable execve) and try to grab a shell.

Once you've got a handle on those, then getting in to ROP will be a lot easier. If you're already there, then power to you!