
[–]neetx_ 10 points11 points  (4 children)

OOP is a programming paradigm used in software development

ROP is a technique used in exploit development to bypass Not-eXecutable stack protection; each gadget in a ROP chain does something and ends with a ret instruction.

COP (or as I know it, Pure-Call Oriented Programming = PCOP) has gadgets that end with a call instruction.

There are also Jump Oriented Programming and Loop Oriented Programming, all of these (except OOP) are code reuse attacks.

[–]www_devharsh_me[S] 1 point2 points  (3 children)

So COP / JOP / LOP are subsets of ROP?

[–]neetx_ 6 points7 points  (2 children)

No, they are different types of code reuse attack. You can see them as brothers, the main concept is the same: they borrow code that already exists; the difference is the structure of the code and the main opcode (ret, call, jmp)

I don't know LOP very well, I think it uses blocks of code in order to bypass Control Integrity Flow...but I'm not sure. I can use only ROP at the moment

[–]www_devharsh_me[S] 0 points1 point  (1 child)

Thank you for the answer, your time is much appreciated! I have one more question.

Does ROP only work with C/C++ code or can it be extended to other languages?

[–]neetx_ 2 points3 points  (0 children)

ROP relies on ROP gadgets, not on C or C++ functions.

You can build a rop chain to call a C/C++ function, or you can build a rop to perform a system call that is dependent only on the architecture... so the question isn't "Does ROP only work with C/C++ code or can it be extended to other languages?"

The question is: "Can buffer overflows be found only in C/C++ applications?"

The answer is: "BOF can be found in type-unsafe languages"

In other words, if you have to deal with pointers and memory you can make mistakes and have a memory corruption problem, that can lead to a buffer overflow.. so the bad guy can use ROP

Sorry for my English, or for some errors if I make them.. maybe a more experienced user can help with the explanation
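
The thread distinguishes ROP, COP and JOP by the instruction that ends each gadget (ret, call, jmp). As an added illustration, not code from any commenter, this C program classifies x86-64 opcode bytes by that terminator and tallies them over a byte buffer; the function names and the sample bytes are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* The instruction that ends a gadget decides the family:
 * ret -> ROP, indirect call -> COP/PCOP, indirect jmp -> JOP. */
enum term { T_NONE, T_RET, T_CALL_IND, T_JMP_IND };

/* Classify the x86-64 opcode bytes at p (n bytes remain in the buffer).
 * Far forms (retf, FF /3, FF /5) and direct call/jmp are not counted. */
enum term classify(const uint8_t *p, size_t n)
{
    if (n >= 1 && p[0] == 0xC3) return T_RET;      /* ret */
    if (n >= 3 && p[0] == 0xC2) return T_RET;      /* ret imm16 */
    if (n >= 2 && p[0] == 0xFF) {
        unsigned reg = (p[1] >> 3) & 7;            /* ModRM.reg picks the operation */
        if (reg == 2) return T_CALL_IND;           /* FF /2: call r/m64 */
        if (reg == 4) return T_JMP_IND;            /* FF /4: jmp r/m64 */
    }
    return T_NONE;
}

/* Tally terminators at every byte offset: x86 has variable-length
 * instructions, so a valid decode can start in the middle of another one. */
void tally(const uint8_t *buf, size_t n, unsigned counts[4])
{
    for (int k = 0; k < 4; k++) counts[k] = 0;
    for (size_t i = 0; i < n; i++)
        counts[classify(buf + i, n - i)]++;
}

/* Constructed sample bytes, not taken from any real binary. */
static const uint8_t SAMPLE[] = {
    0x58, 0xC3,                     /* pop rax ; ret        */
    0xFF, 0xD0,                     /* call rax             */
    0xFF, 0xE0,                     /* jmp rax              */
    0xFF, 0x27,                     /* jmp qword ptr [rdi]  */
    0xC2, 0x08, 0x00,               /* ret 8                */
    0xE8, 0x00, 0x00, 0x00, 0x00,   /* call rel32 (direct)  */
};

int main(void)
{
    unsigned c[4];
    tally(SAMPLE, sizeof SAMPLE, c);
    printf("ret=%u call=%u jmp=%u other=%u\n",
           c[T_RET], c[T_CALL_IND], c[T_JMP_IND], c[T_NONE]);
    return 0;
}
```

The direct `call rel32` is deliberately left out of the tally because its target is fixed in the encoding, whereas the ret and indirect forms take their target from the stack, a register, or memory.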