为了在 ARM公司最新发布的首款支持64位处理器的 ARMv8架构上实现 ROP(Return_Oriented Programmig)技术,设计了 ARMv8架构上的 ROP gadget 的自动搜索工具。通过结合 ARMv8架构指令系统的特点,首先在库文件搜索出所有的以 RET 指令结尾的短指令序列,并把这些指令序列存储在 gadget 库中,然后采用一些优化策略对该库进行优化,最后根据用户的输入在库中搜索到与用户输入功能相同的 gadget 链。通过对搜索工具搜索到的 gadget 的统计,结果表明 gadget 集具有图灵完整性,可以执行任意的操作。最后通过一个实例证明了 ROP 在 ARMv8架构上的可行性。%To implement ROP (return-oriented programming)technology on the first ARMv8 architecture supporting 64 bits processor which is the latest release of ARM,we designed an automatic search tool for ROP gadget on ARMv8 architecture.By combining the features of instruction system of ARMv8 architecture,it first searches all the short instruction sequences ending with “RET”instruction in library files,and stores these instruction sequences to gadget library,and then uses some optimisation strategy to optimise the library,finally, according to users’input it finds the gadget chains with same function of users’input.Through the statistics of gadgets searched by search tool,result showed that the gadget set had the Turing completeness,and could execute any operation.In end of the paper,through an example we proved the feasibility of ROP on ARMv8 architecture.
展开▼
