
A Network Software Vulnerabilities Discovery Method Based On Dynamic Taint Analysis

Posted on: 2013-09-24
Degree: Master
Type: Thesis
Country: China
Candidate: X W Wu
GTID: 2248330392457883
Subject: Information security
Abstract/Summary:
If vulnerabilities exist in network server applications, the network server might be hacked. For instance, buffer overflow vulnerabilities may result in remote code execution, and hackers can get full control of the server. To protect the server from these attacks, we need a fast way to find vulnerabilities in server applications. Fuzz testing is one of the most efficient ways to find vulnerabilities in those applications, but current fuzzing methods cannot generate efficient test cases for applications that use unpublished protocols, and they also struggle with exception and vulnerability analysis.

A new method based on dynamic taint analysis is proposed. First, dynamic taint tracking is applied to the server application to collect information on how received messages are used by the application. This information is used to generate a protocol field description of the message. This protocol format is then used with the Sulley fuzzing framework to carry out the fuzzing test. After the fuzzing period, dynamic taint analysis is used to automatically find the cause of every exception found during the fuzzing test and to output the analysis result to the tester.

After using our method to generate protocol descriptions of the Oracle 10.1g TNS protocol and the Serv-U 4.0 FTP protocol, we used the Sulley fuzzing framework to do the testing and found some old buffer overflow vulnerabilities and some unknown vulnerabilities. This experiment proves the effectiveness of our method.
Keywords/Search Tags: Vulnerability Discovery, Fuzzing Test, Dynamic Taint Analysis, Protocol Reverse Engineering, Vulnerability Analysis