Part 5/11:

The Power of Return-Oriented Programming (ROP) Chains

Moving beyond the hardware level, the exploit demonstrated by Buchanan revolves around Return-Oriented Programming (ROP)—a method that allows an attacker to execute arbitrary code sequences by chaining together small pieces of existing code called "gadgets."

Because modern CPUs enforce NX (No-Execute) bits, which prevent data segments from running as code, traditional buffer overflow exploits—where hackers inject malicious code—are often rendered ineffective. Instead, exploiters now leverage ROP chains built solely from existing code snippets, bypassing these restrictions.