Glossary

Return-Oriented Programming (ROP)

An exploitation technique that chains small existing code snippets ending in RET instructions to execute arbitrary logic without injecting new code.

Return-Oriented Programming (ROP) is an exploitation technique that bypasses non-executable memory (NX/DEP) by stitching together small sequences of existing code — called gadgets — that each end with a RET instruction. By overwriting the stack with a chain of gadget addresses, the attacker controls execution without injecting new code. Each RET pops the next gadget address off the stack, chaining them together. A ROP chain is a form of shellcode built entirely from code already present in the binary or loaded libraries. Tools like ROPgadget, pwntools, and ropper automate gadget discovery.
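The chaining mechanism described above can be modeled without any real addresses. The following is an added example, not code from the original page: a toy machine in which the "stack" is plain data, the three gadgets and their names are hypothetical, and each loop iteration plays the role of a RET popping the next gadget. It shows why non-executable memory alone does not stop the technique: only data is written, and all executed logic already exists.

```c
#include <stdio.h>
#include <stdint.h>

/* Toy machine (constructed for illustration): two registers and a stack of words. */
typedef struct {
    int64_t rax, rdi;
    const int64_t *sp;   /* stack pointer into data the writer of the stack controls */
    const int64_t *end;  /* one past the last stack word */
} Machine;

/* Hypothetical gadget ids standing in for addresses of existing code fragments. */
enum { G_POP_RDI, G_POP_RAX, G_ADD_RAX_RDI };

/* Pop one word; clears *ok if the stack is exhausted. */
static int64_t pop(Machine *m, int *ok) {
    if (m->sp >= m->end) { *ok = 0; return 0; }
    return *m->sp++;
}

/* Each iteration models a RET: pop the next "return address" and run that gadget.
   Returns the number of gadgets executed, or -1 on an unknown target or a
   gadget that ran out of operands. */
int run_chain(Machine *m) {
    int executed = 0, ok = 1;
    for (;;) {
        int64_t target = pop(m, &ok);          /* RET pops the next gadget */
        if (!ok) return executed;              /* stack exhausted: chain is over */
        switch (target) {
        case G_POP_RDI:     m->rdi = pop(m, &ok); break;  /* pop rdi; ret */
        case G_POP_RAX:     m->rax = pop(m, &ok); break;  /* pop rax; ret */
        case G_ADD_RAX_RDI: m->rax += m->rdi;     break;  /* add rax, rdi; ret */
        default:            return -1;         /* not a known gadget */
        }
        if (!ok) return -1;
        executed++;
    }
}

/* Constructed stack contents: gadget ids interleaved with their operands. */
int64_t demo_result(void) {
    static const int64_t stack[] = { G_POP_RDI, 40, G_POP_RAX, 2, G_ADD_RAX_RDI };
    Machine m = { 0, 0, stack, stack + sizeof stack / sizeof stack[0] };
    return run_chain(&m) == 3 ? m.rax : -1;
}

int main(void) {
    printf("rax = %lld\n", (long long)demo_result());
    return 0;
}
```

No new instruction is introduced at any point; the computation is determined entirely by the order of words on the stack.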