Machine learningExploit technique
面向返回编程
面向返回编程(ROP)是一种利用技术,它将现有的可执行代码中的短指令序列(称为“小工具”)链接起来,以执行任意计算,从而绕过诸如代码注入防护之类的安全防御。ROP由Hovav Shacham于2007年提出,它利用代码重用技术,即使在数据执行防护(DEP)和代码签名阻止直接代码注入的情况下也能执行恶意逻辑。ROP被认为是针对现代防御机制的最强大的利用技术之一,并已被证明是图灵完备的。
阅读完整方法
仅限会员
登录使用免费账户登录即可阅读本节。
Method map
The neighbourhood of related methods — select a node to explore.
来源
- Shacham, H. (2007). The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86). In Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS 2007), pp. 552-561. DOI: 10.1145/1315245.1315313 ↗
- Roemer, R., Buchanan, E., Shacham, H., & Savage, S. (2012). Return-oriented programming: Systems, languages, and applications. ACM Transactions on Information and System Security (TISSEC), 15(1), 1-34. DOI: 10.1145/2133375.2133377 ↗
如何引用本页
ScholarGate. (2026, June 3). Return-Oriented Programming (ROP). ScholarGate. https://scholargate.app/zh/cryptography/return-oriented-programming
Which method?
Set this method beside its closest kin and read them side by side — the library lays the books on the table; the choice is yours.
Compare side by side →