ROP
Return-oriented programming (ROP) is an advanced exploitation technique that allows an attacker to execute arbitrary code without injecting new instructions into memory, which bypasses defenses such as non-executable (NX) memory protection. Instead of writing their own code, attackers chain together short instruction sequences already present in the program’s memory, each typically ending in a ret instruction. These sequences, called "gadgets," perform small operations such as moving data between registers, performing arithmetic, or making system calls. By carefully arranging the stack with the addresses of the chosen gadgets, the attacker makes each ret pop the address of the next gadget, so the gadgets execute in sequence and together achieve a malicious goal, such as spawning a shell or escalating privileges. ROP is particularly dangerous because it reuses legitimate program code, which makes it harder for traditional defenses to detect or prevent.
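As an added illustration of the defensive side (example code, not part of the original entry): every gadget is entered through a ret that no call ever set up, so one classic detection heuristic checks whether each return address found on the stack sits immediately after a CALL instruction. The code below applies that check to a constructed x86-64 byte sequence; the bytes, offsets, stack contents and function names are all made up for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed x86-64 bytes for this example (not taken from any real binary):
 *  0x00: e8 05 00 00 00  call rel32      -> 0x05 is a genuine return site
 *  0x05: 48 89 c3        mov  rbx, rax
 *  0x08: ff d0           call rax        -> 0x0a is a genuine return site
 *  0x0a: 90              nop
 *  0x0b: 48 8b 07        mov  rax, [rdi]
 *  0x0e: 5f              pop  rdi        -> gadget start: no call lands here
 *  0x0f: c3              ret                                                */
static const uint8_t CODE[] = { 0xe8,0x05,0x00,0x00,0x00, 0x48,0x89,0xc3,
                                0xff,0xd0, 0x90, 0x48,0x8b,0x07, 0x5f,0xc3 };

/* 1 if some CALL encoding ends exactly at ret_off (a plausible return site),
 * 0 if control could only arrive there through a forged return address.
 * Covers the common x86-64 CALL forms; it is a heuristic, not a proof. */
int is_call_preceded(const uint8_t *code, size_t len, size_t ret_off)
{
    if (ret_off > len) return 0;
    if (ret_off >= 5 && code[ret_off-5] == 0xe8) return 1;          /* call rel32 */
    if (ret_off >= 2 && code[ret_off-2] == 0xff &&
        (code[ret_off-1] & 0xf8) == 0xd0) return 1;                /* call rax..rdi */
    if (ret_off >= 3 && code[ret_off-3] == 0x41 && code[ret_off-2] == 0xff &&
        (code[ret_off-1] & 0xf8) == 0xd0) return 1;                /* call r8..r15 */
    if (ret_off >= 6 && code[ret_off-6] == 0xff &&
        code[ret_off-5] == 0x15) return 1;                         /* call [rip+d32] */
    return 0;
}

/* Count return addresses on a captured stack that fail the check; a gadget
 * chain shows up as several non-call-preceded returns in a row. */
int count_suspicious_returns(const uint8_t *code, size_t len,
                             const size_t *ret_addrs, size_t n)
{
    int suspicious = 0;
    for (size_t i = 0; i < n; i++)
        if (!is_call_preceded(code, len, ret_addrs[i])) suspicious++;
    return suspicious;
}

int main(void)
{
    size_t normal[]  = { 0x05, 0x0a };        /* constructed: ordinary call chain */
    size_t gadgets[] = { 0x0e, 0x0f, 0x05 };  /* constructed: gadget addresses   */
    printf("normal stack: %d suspicious\n", count_suspicious_returns(CODE, sizeof CODE, normal, 2));  /* 0 */
    printf("gadget stack: %d suspicious\n", count_suspicious_returns(CODE, sizeof CODE, gadgets, 3)); /* 2 */
    return 0;
}
```

The check is only a first filter with known blind spots, which is why hardware shadow stacks (Intel CET) and control-flow integrity enforce the same return-address invariant strictly rather than by byte inspection.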