Bypassing DEP With Jump-Oriented Programming

Dive deep into the world of Jump-Oriented Programming (JOP) and learn how to bypass Data Execution Prevention (DEP) in this comprehensive 57-minute conference talk from the Hack In The Box Security Conference. Explore the fundamental differences between JOP and Return-Oriented Programming (ROP), and discover why JOP has been largely overlooked in code-reuse attacks. Gain insights into the JOP ROCKET tool, developed by Dr. Bramwell Brizendine, which enables the discovery of dispatcher gadgets and automated construction of complete JOP gadget chains. Understand the nuances and challenges of crafting JOP exploits, including how to avoid using the stack for control flow. Learn about the potential defenses against JOP, such as Control Flow Guard (CFG), and scenarios where JOP attacks may still be effective. Watch live demonstrations of both manual and automated JOP exploit creation, and grasp the practical applications of this advanced exploitation technique in modern Windows environments.

#HITB2021AMS D1T1 - Bypassing DEP With Jump-Oriented Programming - B. Brizendine and A. Babcock