Return-Oriented Programming Gadget Catalog for the Xtensa Architecture
2022 IEEE INTERNATIONAL CONFERENCE ON PERVASIVE COMPUTING AND COMMUNICATIONS WORKSHOPS AND OTHER AFFILIATED EVENTS (PERCOM WORKSHOPS)(2022)
Abstract
This paper shows that the modern, highly customizable Xtensa architecture for embedded devices is exploitable by Return-Oriented Programming (ROP) attacks. We used a simple Hello-World application written with the RIOT OS as an almost minimal code base to determine whether the number of gadgets that can be found in it is sufficient to build a reasonably complex attack. We found 859 gadgets, which are sufficient to create a gadget catalog for the Xtensa. Although the code base used is really small, the presented gadget catalog provides Turing completeness, which allows an exploit program to perform arbitrary computation.
Keywords
Return-oriented programming, Xtensa, gadget catalog, gadget chaining, window ABI, ESP32