Monday, October 5, 2009

Yet Another Diebold Hack Demonstration

Hi folks,
this week I suggest this amazing reading on "Return Oriented Programming" by six researchers from Princeton University, the University of California, San Diego and the University of Michigan.


The researchers used a clever trick to achieve this. In the existing code, they searched for short code sequences that end in a RET instruction. The RET instruction retrieves an address from the stack and jumps to this address. Using an ingeniously crafted stack consisting of the addresses of suitable code snippets, the researchers can recreate almost arbitrary programs. They created the required stack with a conventional buffer overflow in the existing program code. The program's next RET instruction consequently triggers a series of RETs which eventually executes the code that manipulates the election result according to the attacker's wishes. The researchers have called their ingenious exploit technique "Return-oriented Programming".

Via h-online
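To make the quoted mechanism concrete, here is an added toy model written for this post (it is not code from the h-online article or from the researchers' paper). "Addresses" are indices into a table of tiny snippets that each end in an implicit RET; the run loop pops return addresses from a program stack exactly as the quote describes, and a constructed chain standing in for an overflowed stack strings the snippets together. A shadow stack, which only CALL writes to, shows the classic defence: the first RET to an address no CALL pushed is flagged and execution stops. All names and values are constructed for the illustration.

```c
#include <stdbool.h>
#include <string.h>
#define STACK_MAX 16
/* Snippet "addresses": each indexes one snippet body, and each ends in RET. */
enum { S_RESET = 0, S_ADD5, S_STORE, S_HALT };
typedef struct {
    int acc, memory;              /* accumulator and one memory cell */
    int stack[STACK_MAX], sp;     /* program stack of return addresses */
    int shadow[STACK_MAX], ssp;   /* shadow stack, written only by CALL */
    bool halted;
} machine_t;
typedef struct { int rets, memory; } result_t;

static void execute(machine_t *m, int snippet) {  /* snippet body; RET follows */
    switch (snippet) {
    case S_RESET: m->acc = 0;         break;
    case S_ADD5:  m->acc += 5;        break;
    case S_STORE: m->memory = m->acc; break;
    case S_HALT:  m->halted = true;   break;
    }
}

/* Pop return addresses and dispatch until HALT. With the shadow stack on, a
 * popped address that no CALL pushed is a control-flow violation: stop.
 * Returns the number of RETs taken, or -1 on detection. */
static int run(machine_t *m, bool shadow_on) {
    int rets = 0;
    while (!m->halted && m->sp > 0) {
        int target = m->stack[--m->sp];
        if (shadow_on && (m->ssp == 0 || m->shadow[--m->ssp] != target))
            return -1;
        rets++;
        execute(m, target);
    }
    return rets;
}

/* Constructed stack contents standing in for an overflowed frame: popped from
 * the top, the chain runs ADD5, ADD5, STORE, HALT and writes 10 to memory. */
static const int chain[] = { S_HALT, S_STORE, S_ADD5, S_ADD5 };

/* The legitimate program CALLs S_RESET with return address S_HALT; with
 * `overflow` set, the stack is then overwritten with the chain above. */
result_t simulate(bool overflow, bool shadow_on) {
    machine_t m = {0};
    m.stack[m.sp++] = S_HALT;     /* CALL pushes to both stacks */
    m.shadow[m.ssp++] = S_HALT;
    execute(&m, S_RESET);
    if (overflow) { memcpy(m.stack, chain, sizeof chain); m.sp = 4; }
    result_t r = { run(&m, shadow_on), m.memory };
    return r;
}
```

Without the shadow stack the chained stack takes four RETs and leaves 10 in memory; with it, the very first RET mismatches the recorded return address and nothing is written.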

2 comments:

Anonymous said...

This paper is about a voting machine from the late '90s by AVC.
It cites a paper that was published some time back about a Diebold machine, but your blog post title is misleading.

Marco Ramilli said...

Thank you Anonymous.
I'm going to read it this weekend!
Can you suggest a title for me?