5·
9 hours agoWhat the “How do attackers get in?” part doesn’t mention: What attackers actually need to get in.
For Boot Hole for example (taken from here: https://access.redhat.com/security/vulnerabilities/grub2bootloader):
In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system such as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a networked system with root access.
That definition would be too broad, as includes any type of exploit.
In ROP, you modify the stack to write return addresses and then return to jump to the first of these addresses, the return addresses go to parts of the executable that end with a return instruction (gadgets), so it will always return to the next of your return address.
(That video is maybe not the easiest introduction to ROP.)
Having ROP in here as normal programming paradigm, as opposed to vibe coding, made the meme so much better.