| With rapid development of information and network technique,as well as their continuous penetration into military realm,computer network is becoming the hinge of information battle field in the future.Some attacks on computers can obtain valuable intelligence which other weapon systems can never achieve.So,computer network based attack and defense has drawn great attention in military areas.For the past ten years,security vulnerability represented by Buffer Overflow attacks have been the most common and main method of compromising a computing system's security.More important,Buffer Overflow has been the most frequence of remote network attacking.Many of these attacks have been extremely serious security threat, for they allow the attacker to attain administrator privileges on the attacked systems.From Windows operation system to Linux operation system,from Internet Explorer to Sendmail,whatever operation software and application software both have Buffer Overflow problem. In the attacks at the information system,the method based on Buffer Overflow is one of the most important.This thesis in detail describes the Buffer Overflow,and it makes an introduction of elements of getting use of Buffer Overflow to execute attacking code and the skill of ShellCode programming.Then this article makes a full analysis of the vulnerability in CSRSS.EXE,and more,this paper give a detail analysis of authority promoting by buffer over flow.Finally,this thesis researches the Buffer Overflow vulnerability discovering technology based on binary code reverse analysis,and try to find a model of Buffer Overflow vulnerability discovering based Fuzzing and combinesv reverse technique. |
PDF Full Text Request