The Analyze And Improvement Of The Technology Of Vulnerabilities On Win32 Platform

The latest Microsoft's Operating System Windows Vista has made a great deal of improvement on Security field. Buffer overflow vulnerability attacking which was widely used in all kinds of operating system is successfully retrained by the new security mechanism of Windows Vista and .NET compiler. Therefore, the new usage of buffer vulnerabilities of Win32 platform is becoming the focus of the recent system security research.Comparing with those techniques, Microsoft has brought forwards many protective ways to prevent EIP register from being overwritten by malevolence code effectively.After the research of Windows Vista operating system, it can be found that buffer security check(GS),safe structure handling(SafeSEH) and address space layer random(ASLR) are the most important protective techniques of the application layers. GS is similar with SafeSEH: Security cookie is created in the data segment. Before the function returns or there is a exception, the security cookie will make an integrity check of the cookie in the stack. If failure, it will positively end the process to avoid abnormal jumping, while ASLR which makes a randomization management to the function entry address is to reduce the possibility of the abnormal jumping.Comparing with this three mentioned techniques, the improved usage of buffer vulnerabilities put forward that making jumping before the integrity check of GS to make the protection in vain. The way of Shellcode dynamic orientation is designed by the randomization of function address. When occurring to exceptions, the address which is recomposed by the function pointer pointed to the process out of the stack is one possibility which can avoid the SafeSEH protection. Through the authentication of the mentioned improvements resulted from experimentation, the improved usage of buffer vulnerabilities can effectively avoid the protective mechanism of Windows and recompose the function operating process.With the help of different versions of Windows operating system and the compiler disposal of .NET 2005, the improved way of attacking buffer vulnerabilities can be implemented in Windows Vista platform.