漏洞利用工具研发框架研究  被引量:3

Research on Vulnerability Utilization Tool Development Framework

在线阅读下载全文

作  者:王炎 刘嘉勇[1] 刘亮[1] 贾鹏 刘露平 

机构地区:[1]四川大学信息安全研究所,成都610065

出  处:《计算机工程》2018年第3期127-131,共5页Computer Engineering

摘  要:目前已有的漏洞利用平台支持的二进制漏洞种类不多,并且这些平台的灵活性和开发效率较低,缺少专门针对二进制漏洞利用工具的研发和生成系统。为此,提出一种新的二进制漏洞利用工具自动化生成框架。把漏洞利用过程模块化,通过多种模块组合的方式快速灵活地进行漏洞利用工具的研发和自动化生成。针对每个模块的不同特点,采用不同的设计方案,以实现更短的开发周期和更高的开发效率。实验结果表明,该框架简单易用,具有较高的灵活性和扩展性。At present, the number of binary vulnerabilities supported by existing vulnerability utilization platforms is not much,and the flexibility and development efficiency of these platforms is low. There are few utilization tool R & D and generation systems specifically for binary vulnerabilities. Therefore, this paper presents a new automatic generation framework for binary vulnerability exploit tool. The framework modularizes the exploit process. The development and automation of vulnerability utilization tools are quickly and flexibly generated through a variety of modular combinations. According to the different characteristics of each module,different design is used to achieve a shorter development cycle and higher development efficiency. Experimental results show that the framework is simple and easy to use, with high flexibility and extensibility.

关 键 词:漏洞利用 二进制漏洞 模块化 shellcode模块 研发框架 

分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象