
Research On Technologies Of Vulnerability Discovery Based Upon Fuzzing And Bufferoverflow Vulnerability Exploitation

Posted on: 2010-10-08
Degree: Master
Type: Thesis
Country: China
Candidate: Y Wang
GTID: 2178330332478443
Subject: Communication and Information System
Abstract/Summary:
Research on vulnerability discovery and exploitation is an important part of the field of network and information security. As the software industry has developed, the vulnerability problem has become increasingly prominent. How to discover vulnerabilities, and how to prevent them from being exploited, are the core problems of vulnerability research. This thesis studies vulnerability from two aspects: one is vulnerability discovery, the other is the methods and technologies of vulnerability exploitation.

Among vulnerability discovery methodologies, fuzz testing is a universal and effective technique. It is widely used and well suited to finding vulnerabilities automatically, but as a "black box" testing technique it has several shortcomings. First, randomly crafted test data is highly redundant. Second, its efficiency is low because it is unaware of the program logic. Third, it cannot evaluate the effectiveness of the test or the harm of the vulnerabilities it finds. This thesis proposes a method that combines fuzz testing with program analysis and optimizes the test data with an evolutionary algorithm; we call this method oriented gray-box fuzzing based on the evolution idea. Program analysis is divided into two parts, static analysis and dynamic run-time analysis. Static analysis examines the program's static information, such as its structure and control-flow logic, and is used to provide the search space for the evolutionary algorithm. Dynamic analysis tracks the program's control flow at run time to obtain code coverage. The thesis presents an evolutionary algorithm based on the genetic method that evaluates the fitness of test cases, so that high-quality test cases can be selected after many rounds of crossover and mutation operations.

An evolutionary fuzz testing system based on this idea has been implemented on the Windows platform; it consists of static analysis, dynamic tracking, code coverage analysis, data generation, exception monitoring and exception analysis modules. Fuzzing can effectively find memory corruption vulnerabilities, and the exploitation of this kind of vulnerability is strongly affected by the memory protection mechanisms. Therefore, to evaluate the harm of the vulnerabilities that have been found, we must study methods of vulnerability exploitation and the techniques for breaking through memory protection mechanisms. On the Windows platform, a series of defense techniques, such as stack cookie protection, PEB address randomization, DEP, SafeSEH and ASLR, are discussed. After analyzing the principles of these preventive measures, this thesis proposes vulnerability exploitation methodologies that bypass the security mechanisms under certain conditions. For instance, if the stack can be controlled precisely, DEP can be bypassed by the Ret-To-Libc method. Consequently, this provides a comprehensive reference for evaluating the harm and effect of the vulnerabilities found by fuzzing.
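The evolutionary loop described in the abstract (static analysis supplying a search space of constants, dynamic tracking reporting covered blocks as fitness, elitist selection with crossover and mutation) is illustrated below by an added example that is not the thesis's own code. The target parser, its block ids and the dictionary of lifted constants are constructed for the illustration.

```python
import random

# Constructed toy target standing in for the program under test. Each branch
# records a basic-block id, playing the role of the dynamic-tracking /
# code-coverage module; the returned set is the test case's coverage.
def target(data: bytes) -> set:
    cov = {"entry"}
    if len(data) < 4:
        cov.add("short")
    elif data[:2] != b"FZ":           # magic constant check
        cov.add("bad_magic")
    else:
        cov.add("magic")
        if data[2] == 1:
            cov.add("v1")
            if data[3] >= 200:        # large length field
                cov.add("v1_big_len")
        elif data[2] == 2:
            cov.add("v2")
        else:
            cov.add("unknown_version")
    return cov

# Constants a static-analysis pass would lift from the binary (hypothetical
# values); they define the search space the genetic operators draw from.
DICTIONARY = [b"FZ", b"\x01", b"\x02", b"\xc8"]

def fitness(data: bytes) -> int:
    return len(target(data))          # blocks covered = fitness score

def crossover(a: bytes, b: bytes, rng: random.Random) -> bytes:
    cut = rng.randint(1, len(a) - 1)  # single-point crossover, equal lengths
    return a[:cut] + b[cut:]

def mutate(data: bytes, rng: random.Random) -> bytes:
    buf = bytearray(data)
    if rng.random() < 0.5:            # random byte change
        buf[rng.randrange(len(buf))] = rng.randrange(256)
    else:                             # overwrite with a dictionary token
        tok = rng.choice(DICTIONARY)
        pos = rng.randrange(len(buf) - len(tok) + 1)
        buf[pos:pos + len(tok)] = tok
    return bytes(buf)

def evolve(generations=60, pop_size=30, elite=10, length=6, seed=1):
    rng = random.Random(seed)
    pop = [bytes(rng.randrange(256) for _ in range(length)) for _ in range(pop_size)]
    for _ in range(generations):
        pop.sort(key=fitness, reverse=True)
        elites = pop[:elite]          # survivors carried over unchanged
        children = [mutate(crossover(rng.choice(elites), rng.choice(elites), rng), rng)
                    for _ in range(pop_size - elite)]
        pop = elites + children
    best = max(pop, key=fitness)
    return best, target(best)
```

Because elites are carried over unchanged, the best fitness never decreases from one generation to the next, and the dictionary lets the search reach the magic-byte branch far sooner than byte-random mutation alone would.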
Keywords/Search Tags: Vulnerability Discovery, Fuzzing Test, Program Analysis, Genetic Evolution, Vulnerability Exploiting