Hacker News
by ycmbntrthrwaway 3222 days ago
You have not replied to this:

> To use ROP you need not only the RET instruction, but the code before it. You want to execute some existing function and return only then, not just return.

OK, you found RET in some unexpected place, like an immediate value. But do you want to execute the code before it? Most likely it is just garbage.

Usually you want to return to mprotect() and then chain somewhere else from it. With this mitigation even if you manage to jump to mprotect() function, you will not be able to make it chain to the next function you want.

1 comment

Yes, gadgets arising from non-epilogue instances of C2/C3 are used frequently. In fact they are most often critical and the ROP exploit would not work without them.
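The disagreement above is about whether the bytes in front of an unintended C2/C3 decode into anything useful. The following is an added example, not code posted by either commenter: it scans a hand-constructed x86-64 byte sequence for C3 (ret) and C2 (ret imm16), walks backwards from each one absorbing single-byte pop instructions (opcodes 58-5F), and reports whether the resulting gadget starts on a real instruction boundary. The sample bytes are assembled by hand (mov eax, 0xC35E5F and friends); the instruction-boundary table is the one the assembler would emit for that sample, and the one-byte-pop decoder is deliberately minimal, so anything other than a pop ends the gadget (that is the "garbage before it" case from the first comment).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed x86-64 byte sequence (not taken from any real binary). */
static const uint8_t sample[] = {
    0x55,                                     /* 0:  push rbp                          */
    0x48, 0x89, 0xE5,                         /* 1:  mov  rbp, rsp                     */
    0xB8, 0x5F, 0x5E, 0xC3, 0x00,             /* 4:  mov  eax, 0xC35E5F  (imm: 5F 5E C3) */
    0x48, 0xC7, 0xC0, 0xC3, 0x00, 0x00, 0x00, /* 9:  mov  rax, 0xC3      (imm: C3 00 00 00) */
    0xB8, 0x5F, 0xC2, 0x08, 0x00,             /* 16: mov  eax, 0x8C25F   (imm: 5F C2 08 00) */
    0x5D,                                     /* 21: pop  rbp                          */
    0xC3,                                     /* 22: ret  (the only intended RET)      */
};

/* Offsets at which the assembler actually started an instruction in `sample`. */
static const size_t boundaries[] = {0, 1, 4, 9, 16, 21, 22};

struct gadget {
    size_t start;    /* first byte of the gadget */
    size_t ret_off;  /* offset of the C2/C3 byte */
    int intended;    /* 1 if `start` is a real instruction boundary */
    char text[64];   /* human-readable disassembly */
};

/* Single-byte pop r64 opcodes 0x58..0x5F; NULL for anything else. */
static const char *pop_name(uint8_t op) {
    static const char *names[] = {"rax", "rcx", "rdx", "rbx", "rsp", "rbp", "rsi", "rdi"};
    return (op >= 0x58 && op <= 0x5F) ? names[op - 0x58] : NULL;
}

static void append(char *dst, size_t cap, const char *s) {
    size_t len = strlen(dst);
    if (len < cap) snprintf(dst + len, cap - len, "%s", s);
}

static int on_boundary(size_t off, const size_t *bounds, size_t nb) {
    for (size_t i = 0; i < nb; i++)
        if (bounds[i] == off) return 1;
    return 0;
}

/* Walk backwards from a C2/C3 byte while the preceding byte is a one-byte pop. */
static void describe(const uint8_t *buf, size_t n, size_t ret_off,
                     const size_t *bounds, size_t nb, struct gadget *g) {
    size_t start = ret_off;
    while (start > 0 && pop_name(buf[start - 1])) start--;
    g->start = start;
    g->ret_off = ret_off;
    g->intended = on_boundary(start, bounds, nb);
    g->text[0] = '\0';
    for (size_t i = start; i < ret_off; i++) {
        append(g->text, sizeof g->text, "pop ");
        append(g->text, sizeof g->text, pop_name(buf[i]));
        append(g->text, sizeof g->text, "; ");
    }
    if (buf[ret_off] == 0xC3) {
        append(g->text, sizeof g->text, "ret");
    } else {                         /* C2: ret imm16, little-endian immediate */
        unsigned imm = (ret_off + 2 < n) ? (buf[ret_off + 1] | (buf[ret_off + 2] << 8)) : 0;
        char tmp[16];
        snprintf(tmp, sizeof tmp, "ret %u", imm);
        append(g->text, sizeof g->text, tmp);
    }
}

/* Every C2/C3 byte in `buf`, aligned or not, becomes a candidate gadget. */
size_t find_gadgets(const uint8_t *buf, size_t n, const size_t *bounds, size_t nb,
                    struct gadget *out, size_t max) {
    size_t k = 0;
    for (size_t i = 0; i < n && k < max; i++)
        if (buf[i] == 0xC3 || buf[i] == 0xC2)
            describe(buf, n, i, bounds, nb, &out[k++]);
    return k;
}

int main(void) {
    struct gadget g[8];
    size_t k = find_gadgets(sample, sizeof sample, boundaries,
                            sizeof boundaries / sizeof boundaries[0], g, 8);
    for (size_t i = 0; i < k; i++)
        printf("%-10s @%2zu: %s\n", g[i].intended ? "intended" : "unintended", g[i].start, g[i].text);
    return 0;
}
```

Of the four RETs found, only the one at offset 22 is a compiler epilogue. The C3 inside mov rax, 0xC3 is preceded by a ModRM byte and yields a bare ret, which is the garbage case. The C3 and C2 hidden in the other two immediates, however, are preceded by 5F/5E bytes that decode as pop rdi / pop rsi, giving "pop rdi; pop rsi; ret" and "pop rdi; ret 8": exactly the argument-loading gadgets a chain needs before calling mprotect(), and neither lies on an instruction boundary, so a mitigation that only protects real function epilogues does not see them.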