ROP SEH DEP Heap Spray
구글에서 ROP 를 찾아보니. ㅇ_ㅇ;; 잘 정리된 내용이 있네요.
ROP Chain 도 있네요.
원래는 Windows API 의 GDI ROP 를 찾은건데... ㅡ_ㅡ;; 다른 ROP 가 나와서 겸사겸사 보게 되네요.
SetROP2 function
https://msdn.microsoft.com/en-us/library/windows/desktop/dd145088(v=vs.85).aspx
메모리 보호기법 우회 - 2 - ROP(Return Oriented Programming) Exploit
http://teamcrak.tistory.com/332
메모리 보호기법 우회 - 1 - Windows/Linux 환경에서의 Stack Overflow 보호기법
http://teamcrak.tistory.com/348
메모리 보호기법 우회 - 3 - SEH (Structed Exception Handling) Overwrite
http://teamcrak.tistory.com/330
6. Return Oriented Programming (ROP)
http://shayete.tistory.com/entry/6-Return-Oriented-Programming
ROP를 이용한 DEP 우회공격 – (1) Basic Idea
Windows 기반의 ROP 공격 #1 (0)
http://codetronik.tistory.com/3
Windows ROP
http://tribal1012.tistory.com/32
WindowsでReturn-oriented Programming(ROP)によるDEP回避をやってみる Exploit
http://inaz2.hatenablog.com/entry/2015/07/11/211226
Return Oriented Exploitation (ROP)
https://www.offensive-security.com/vulndev/return-oriented-exploitation-rop/
Exploit writing tutorial part 10 : Chaining DEP with ROP – the Rubik’s[TM] Cube
ROP (Return Oriented Programming)
Windows ROP
http://s0ngsari.tistory.com/entry/Windows-ROP
Windows ROP
https://prezi.com/3gezx-znb5ew/windows-rop/
Windows bufferoverflow (5) - ROP 1 (DEP 와 우회방법)
http://hyunmini.tistory.com/29
x64でuse-after-freeからのC++ vtable overwriteとheap sprayによるASLR+DEP回避をやってみる
http://inaz2.hatenablog.com/entry/2015/03/02/014252
힙 스프레이 Heap Spraying
힙 스프레이(Heap Spray) 기법
Defeating DEP with ROP
https://samsclass.info/127/proj/rop.htm
Part 7: Return Oriented Programming
http://www.fuzzysecurity.com/tutorials/expDev/7.html