bannedit's musings

Automated ROP Chain Integrity

Posted on Thu 29 August 2019 in Research • Tagged with research, rop, exploit dev

In software engineering, unit testing has become the norm. In the world of exploit development, testing and automation are lacking. This blog post introduces a technique for automated testing of Return Oriented Programming (ROP) chain integrity.

Admittedly, automation in exploit development does exist: tools such as mona [1] and ROP gadget finders [2] [3] make the process a lot simpler than it once was. However, the point of this post is to show that automation can go beyond the tasks involved in building an exploit and also be applied to what happens next: keeping the exploit code working.
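To make the idea concrete, here is an added example of what a unit-test-style integrity check for a ROP chain can look like. It is not code from the post (the post's own technique is not shown in this excerpt) and it makes assumptions: the module is modelled as a flat bytes image at a fixed base, the chain is stored as (address, expected gadget bytes, note) triples, and the image, base and gadget offsets are constructed for the example. The checks are the ones that break silently when a target binary is rebuilt or patched: the bytes at each gadget address still match what the chain was written against, every intermediate gadget still ends in `ret` so control reaches the next entry, and, when a gadget has moved, where its encoding now lives.

```python
# Added example: unit-test-style integrity checks for a ROP chain.
# The image, base address and gadget offsets below are constructed for the example.

IMAGE_BASE = 0x400000

# Constructed stand-in for a loaded module: mostly zero bytes with a few x86-64
# gadgets placed at known offsets.
SAMPLE_IMAGE = bytearray(0x100)
SAMPLE_IMAGE[0x10:0x12] = b"\x58\xc3"   # pop rax ; ret
SAMPLE_IMAGE[0x20:0x22] = b"\x5f\xc3"   # pop rdi ; ret
SAMPLE_IMAGE[0x30:0x32] = b"\x5e\xc3"   # pop rsi ; ret
SAMPLE_IMAGE[0x40:0x42] = b"\x0f\x05"   # syscall (final gadget, no ret needed)

# Constructed "rebuilt" version of the same module: pop rdi ; ret moved by 4 bytes,
# which is exactly the kind of change that leaves an exploit dead without any error.
REBUILT_IMAGE = bytearray(SAMPLE_IMAGE)
REBUILT_IMAGE[0x20:0x22] = b"\x00\x00"
REBUILT_IMAGE[0x24:0x26] = b"\x5f\xc3"

# The chain under test: (address, expected gadget bytes, human-readable note).
# The expected bytes are what the author verified when the chain was written.
CHAIN = [
    (IMAGE_BASE + 0x20, b"\x5f\xc3", "pop rdi ; ret"),
    (IMAGE_BASE + 0x30, b"\x5e\xc3", "pop rsi ; ret"),
    (IMAGE_BASE + 0x10, b"\x58\xc3", "pop rax ; ret"),
    (IMAGE_BASE + 0x40, b"\x0f\x05", "syscall"),
]


def check_chain(image, base, chain):
    """Return a list of (addr, note, reason) for every gadget that no longer matches.

    An empty list means every gadget address still holds the bytes the chain expects.
    """
    failures = []
    for addr, expected, note in chain:
        off = addr - base
        if off < 0 or off + len(expected) > len(image):
            failures.append((addr, note, "address outside image"))
            continue
        actual = bytes(image[off:off + len(expected)])
        if actual != expected:
            failures.append((addr, note,
                             f"bytes changed: expected {expected.hex()} got {actual.hex()}"))
    return failures


def check_returns(chain):
    """Return (addr, note) for every non-final gadget that does not end in ret (0xc3).

    A gadget in the middle of the chain that does not return means control never
    reaches the next entry, even if every byte still matches.
    """
    return [(addr, note) for addr, expected, note in chain[:-1]
            if not expected.endswith(b"\xc3")]


def find_gadget(image, base, pattern):
    """Return every address at which pattern occurs in image.

    Used after check_chain reports a mismatch: the candidates are where the
    gadget encoding now lives, so the chain can be re-pointed and re-tested.
    """
    hits = []
    start = 0
    data = bytes(image)
    while True:
        idx = data.find(pattern, start)
        if idx == -1:
            return hits
        hits.append(base + idx)
        start = idx + 1


if __name__ == "__main__":
    print("original image:", check_chain(SAMPLE_IMAGE, IMAGE_BASE, CHAIN) or "chain intact")
    for addr, note, reason in check_chain(REBUILT_IMAGE, IMAGE_BASE, CHAIN):
        expected = next(e for a, e, _ in CHAIN if a == addr)
        print(f"rebuilt image: {note} at {addr:#x}: {reason}; "
              f"candidates now at {[hex(a) for a in find_gadget(REBUILT_IMAGE, IMAGE_BASE, expected)]}")
    print("non-returning intermediate gadgets:", check_returns(CHAIN) or "none")
```

Run against a real target, the image bytes would come from the file or from memory at the module's load address, and the checks would run as ordinary unit tests in the exploit's repository so that a rebuilt or patched target fails the test suite instead of failing on the day the exploit is needed.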
