ARM exploitation ROPmap presented at BlackhatUSA 2011

by Long Le, Thanh Nguyen,

URL : https://media.blackhat.com/bh-us-11/Le/BH_US_11_Le_ARM_Exploitation_ROPmap_Slides.pdf

Summary : It is no doubt that ARM will be the next mainstream of exploitation with hundred of millions smartphones, tablets delivered today. There are several talks and papers about ROP on ARM but no any public ROP toolkit for ARM has been released so far as leet hackers keep their tools privately.
In this presentation we will show how ROP exploitation on ARM can be done easily via a systematic, generic approach to generate, search and chain gadgets together. A simple Intermediate Language will be presented that helps people write ROP shellcode and get it transformed automatically to chain of gadgets. As a part of the presentation, we will release an updated version of ROPEME with additional ARM support along with a demo of advanced ROP payloads on latest Android OS.