ROP is Still Dangerous: Breaking Modern
Defenses
Nicholas Carlini et. al
University of California, Berkeley
USENIX Security 2014
Presenter: Yue Li
Part of the slides from N. Carlini
Outline
Background
ROP Attacks
Attack Primitives
Attack Goal and Threat Model
kBouncer
ROPecker
Evaluation
Related Work and Conclusion
Background
Code injection
● Usually exploited in a buffer
overrun vulnerability.
● Inject malicious code
● Overwrites return address of
a function.
● Return address -> malicious
code
Background
Code injection
Data Execution
Prevention (DEP)
● Security feature in modern
OS
● Ensures writable pages in
memory are not executable
● Stack is no longer
executable
● Code cannot be injected
Background
Code injection
Data Execution
Prevention (DEP)
Return Oriented
Programming (ROP)
Outline
Background
ROP Attacks
Attack Primitives
Attack Goal and Threat Model
kBouncer
ROPecker
Evaluation
Related Work and Conclusion
ROP Attacks
Gadgets !
ROP Attacks
● Perform malicious computation by only
controlling the execution flow
● Each gadget performs small computation
● Gadget chaining is achieved by influencing
indirect jumps
● Need to write appropriate values over the
stack
ROP Attacks
1.
2.
3.
4.
5.
6.
eax stores 4a304120
ebs stores 00032400
eax stores [4a304120] (OV)
eax stores (OV + 00032400)
ecx stores 4a304120
[4a304120] stores (OV +
00032400)
ROP Attacks
Defend ROP
Outline
Background
ROP Attacks
Attack Primitives
Attack Goal and Threat Model
kBouncer
ROPecker
Evaluation
Related Work and Conclusion
Attack Primitives
Three building blocks are useful in attacking
ROP defenses
1. Call-Preceded ROP
2. Evasion Attack
3. History Flushing
Call-Preceded ROP
Call-Preceded Policy: Normally, every ret will return to
an instruction that immediately follows a call
Call-Preceded ROP
● The call-preceded policy limit the
choices of gadgets
● Only 6% of gadgets are callpreceded
● People believe the call-preceded
policy significantly increases the
difficulty of mounting a ROP.
● However, the authors argue it is
possible to mount ROP with this
policy
● Allow more complex gadgets.
● 70KB of binary code
Evasion Attacks
Classification-based defense
● Monitoring the runtime behavior of a process
● Classify segments of execution as either “gadget” or
“non-gadget”
● Length-based classifier (instructions separated by
indirect instructions
● Long sequences of short gadgets -> ROP attack
Evasion Attacks
To break classification-based defense
● Using gadgets that look like benign execution
● An evasion attack is one that will be classified by the
defense as normal.
● Actually evasion attack allows the attacker to mount a
ROP
History flushing
History inspection defense
● Inspect program at different points throughout its
execution
● Limited amount of history
● due to performance consideration, usually the
inspection is invoked in certain points (issue a system
call)
History flushing
To break History inspection defense
● Fool the defense by hiding ROP attack
● Perform ROP when not being watched
● Insert effective no-op instructions, stop making progress
when being watched
Outline
Background
ROP Attacks
Attack Primitives
Attack Goal and Threat Model
kBouncer
ROPecker
Evaluation
Related Work and Conclusion
Attack Goal and Threat Model
Attack Goal:
● Issue a single syscall
● mprotect (Linux) or virtualprotect (windows), making a
page in memory both executable and writable
Threat Model:
● Attacker has a known exploit to control the instruction
pointer in the future
● Typically it is a stack overflow
Outline
Background
ROP Attacks
Attack Primitives
Attack Goal and Threat Model
kBouncer
ROPecker
Evaluation
Related Work and Conclusion
kBouncer
kBouncer: a scheme that uses indirect branch tracing to
detect ROP attacks
● Uses the Last Branch Record (LBR) to inspect the last 16 indirect
branches each
● Run when a system call is invoked
● Low overhead
● Check 2 properties
o Call-preceded?
o Are 8 most recent gadget-like? (<20 instructions before an indirect
branch)
kBouncer
Detected !
kBouncer
History Hiding Attack
● Uses history flushing to clear evidence of ROP
● 3 steps
o Initial exploitation: normal ROP attack (may not be callpreceded) until a syscall is about to be invoked
o
o
Hide the history: flush the history
Restore registers and issue the system call
kBouncer
Flush the history
● Consists of a short flushing gadget
and a long termination gadget
● Short flushing gadget - satisfy callproceded requirement
● Repeat short flushing gadget 16
times
● Termination gadget - at least 20
instructions (non-gadget)
kBouncer - Flush History
kBouncer
Restore registers
● Can be achieved with a few gadgets that pop register
values off the stack
● Other ways
o Jump Oriented Programming (JOP)
o Call Oriented Programming (COP)
o etc
kBouncer
What happens if kBouncer keeps the whole execution
history? - can still be broken
●
●
●
●
Initial phase will use only call-preceded gadget
No flushing gadget is needed
Break up short gadget chains with long termination gadget
70KB of program will have enough call-preceded calls to finish such a
ROP attack
Outline
Background
ROP Attacks
Attack Primitives
Attack Goal and Threat Model
kBouncer
ROPecker
Evaluation
Related Work and Conclusion
ROPecker
ROPecker is a defense that builds on ideas found in
kBouncer
With a few differences
●
●
●
●
●
●
Inspect more frequently
Only a few pages are marked executable at one time
Will be invoked each time a page not in executable set is executed
Syscalls
It looks both history and future to detect attack
Future emulation will stop when there is not a short sequence of instruction
leading to an indirect jump
ROPecker: A generic and practical approach for defending against rop attacks. Yueqiang Cheng, Zongwei Zhou, Miao Yu, Xuhua Ding, and
Robert H Deng. NDSS, 2014.
ROPecker
Repeated History Hiding Attack
● repeatedly invokes the history hiding primitives
● 3 phases
o Loading phase: load useful pages into executable set
o Attack phase: invokes gadgets on these pages
o Flushing phase: mounts the history hiding attack using only gadgets
from these pages
● May need to execute the 3 phases multiple time to
achieve the goal
ROPecker
ROPecker
Attack ROPecker is more complicated
●
●
●
●
Carefully pick tasks during each step
Flushing and Termination gadgets clober register states
Pick independent operations for each step
Pick pages that contain more gadgets
ROPecker
Evasion Attack
● Let ROPecker inspect at any time
● Insert a termination gadget in between every ten useful
gadgets.
● Threshold is 11 (past and future)
Outline
Background
ROP Attacks
Attack Primitives
Attack Goal and Threat Model
kBouncer
ROPecker
Evaluation
Related Work and Conclusion
Evaluation
● A tool is built to find attacks on real-world exploits
● The tool help find gadgets
● Enumerate all potential call-preceded gadgets
Evaluation
Modify Real-world Exploits to bypass kBouncer
● 4 real-world exploits are modified
o MPlayer Lite r33063

o
o
o
Stack-based buffer overflow, exploited by overwriting SEH pointer
Adobe Reader 9.3.4
Adobe Flash 11.3.300
Internet Explorer 8
● Half a day to cloak the attacks
Evaluation
Use exploitable version of hteditor source to
bypass ROPecker
● Evasion attack
● Repeated history hiding attack
● execv is issued eventually
Outline
Background
ROP Attacks
Attack Primitives
Attack Goal and Threat Model
kBouncer
ROPecker
Evaluation
Related Work and Conclusion
Related Work
● [Goktas, S&P14] discussed the existence of
call-preceded ROP and use it to break many
existing CFI defenses
● [Davi, Usenix14] and [Goktas, Usenix14] both
independently and concurrently discovered
very similar attacks on kBouncer & ROPecker
Conclusion
This paper has presented:
● 3 building blocks for ROP attacks
● Break state-of-art defenses - kBouncer and ROPecker
● Implication
o Do not rely on limited history
o Call-preceded ROP is possible
o Difficult to classify “gadget” and “non-gadget”
o Focus on fundamental difference between normal
and ROP execution