ROP SEH DEP Heap Spray

구글에서 ROP 를 찾아보니. ㅇ_ㅇ;; 잘 정리된 내용이 있네요.

ROP Chain 도 있네요.

원래는 Windows API 의 GDI ROP 를 찾은건데... ㅡ_ㅡ;; 다른 ROP 가 나와서 겸사겸사 보게 되네요.

SetROP2 function

https://msdn.microsoft.com/en-us/library/windows/desktop/dd145088(v=vs.85).aspx

메모리 보호기법 우회 - 2 - ROP(Return Oriented Programming) Exploit

http://teamcrak.tistory.com/332

메모리 보호기법 우회 - 1 - Windows/Linux 환경에서의 Stack Overflow 보호기법

http://teamcrak.tistory.com/348

메모리 보호기법 우회 - 3 - SEH (Structed Exception Handling) Overwrite

http://teamcrak.tistory.com/330

6. Return Oriented Programming (ROP)

http://shayete.tistory.com/entry/6-Return-Oriented-Programming

ROP를 이용한 DEP 우회공격 – (1) Basic Idea

http://noplanlife.com/?p=378

Windows 기반의 ROP 공격 #1 (0)

http://codetronik.tistory.com/3

Windows ROP

http://tribal1012.tistory.com/32

WindowsでReturn-oriented Programming（ROP）によるDEP回避をやってみる Exploit

http://inaz2.hatenablog.com/entry/2015/07/11/211226

Return Oriented Exploitation (ROP)

https://www.offensive-security.com/vulndev/return-oriented-exploitation-rop/

Exploit writing tutorial part 10 : Chaining DEP with ROP – the Rubik’s[TM] Cube

https://www.corelan.be/index.php/2010/06/16/exploit-writing-tutorial-part-10-chaining-dep-with-rop-the-rubikstm-cube/

ROP (Return Oriented Programming)

http://dool2ly.tistory.com/72

Windows ROP

http://s0ngsari.tistory.com/entry/Windows-ROP

Windows ROP

https://prezi.com/3gezx-znb5ew/windows-rop/

Windows bufferoverflow (5) - ROP 1 (DEP 와 우회방법)

http://hyunmini.tistory.com/29

x64でuse-after-freeからのC++ vtable overwriteとheap sprayによるASLR+DEP回避をやってみる

http://inaz2.hatenablog.com/entry/2015/03/02/014252

힙 스프레이 Heap Spraying

http://pjongy.tistory.com/132

힙 스프레이(Heap Spray) 기법

http://truthtilltheend.tistory.com/entry/%ED%9E%99-%EC%8A%A4%ED%94%84%EB%A0%88%EC%9D%B4Heap-Spray-%EA%B8%B0%EB%B2%95

Defeating DEP with ROP

https://samsclass.info/127/proj/rop.htm

Part 7: Return Oriented Programming

http://www.fuzzysecurity.com/tutorials/expDev/7.html