| With the Windows system widely used in all aspects of modern society, software running on the Windows platform has been greatly improved. Software brings human beings a fast and convenient way of life. And it also brings overwhelming software security vulnerabilities, from security vulnerabilities in Windows system itself to the software running on it, too numerous to mention. An increasing number of security vulnerabilities not only affect the ordinary users and businesses, but also pose a threat to the information security of our society.Software security vulnerabilities are related to individuals, corporations and even national information security, so they are very sensitive. Current situation is that the open literature and technical methods are fewer. Security vulnerabilities information on the network normally only contains an overview, lack of technical support.Research on software vulnerability is about analyzing software vulnerabilities. In general, it involves the underlying technical details. On that basis, we can find new methods of safe programming; supress the spread of Trojans and viruses through the holes; sum up the regular pattern to dig and analysis unknown vulnerabilities. From a higher level, which is good to train talents and accumulate computer technology, and will help standardize the order of the computer industry, crack down on computer crime, protect national information security.This dissertation will examine the closed-source software under the Windows platform. First we introduce the basis for vulnerability analysis, including the PE file structure and the basic concept of disassembly, then three different definitions of software vulnerability and the discussion of the vulnerability classification. After that, it details the static analysis techniques, which is mainly about how to understand disassembly code. Followed by some dynamic analysis techniques, after understanding the concept of breakpoint and single-step, we debug and trace the stack overflow, heap overflow and format string vulnerabilities.Then, we select two fairly representative vulnerabilities, that is, the IE 0day Aurora vulnerability of January 2010 of and in the year of 2008, MS08-067 vulnerability. The former is application software vulnerability and the latter is system software vulnerability. Combined with the actual code snippet and the feedback of debuggers, we debug the two vulnerabilities and explain the technical details.Finally, we summarize and forecast the research on software security vulnerabilities. |
PDF Full Text Request