
Research And Implementation Of A Binary Program Vulnerabilities Mining Technology

Posted on: 2014-01-17
Degree: Master
Type: Thesis
Country: China
Candidate: B Yan
GTID: 2248330398470852
Subject: Computer technology

Abstract/Summary:
In recent years, several serious network security incidents have appeared on the Internet, and they brought serious losses to users and businesses. On one hand, these incidents reflect weak security awareness among software developers; on the other hand, they show that network security should become an important research topic in the future. These serious security incidents are basically caused by the presence of software vulnerabilities, which include SQL injection and XSS attacks in web applications as well as buffer overflow vulnerabilities in software. Statistics show that buffer overflow vulnerabilities accounted for more than 50% of the CERT/CC announcements released in recent years. Using a buffer overflow vulnerability, an attacker can often obtain higher, illegal privileges and cause more serious damage. Although Microsoft and other major companies have introduced many security mechanisms to improve the security of the operating system, there are still no effective ways to curb buffer overflow vulnerabilities. The main ways to explore software vulnerabilities are still static analysis of source code and static analysis based on reverse engineering. In addition, security researchers who do not have the source code of the software end up wasting a lot of time exploring software vulnerabilities.

In this paper, I mainly researched the basic principles of buffer overflow. On the basis of research into the security mechanisms of the Windows platform, I proposed a method of bypassing various security mechanisms. With this, people can write successful exploit code. After analyzing the current mainstream domestic and international buffer overflow detection technologies, I proposed a way to explore software vulnerabilities that is based on dynamic debugging. The core technology is fuzz testing. The framework is a "trigger-capture" model that can automatically record exceptions while the process is alive. Security researchers who analyze these exception logs can determine whether the vulnerability can be exploited, which helps improve the efficiency of the researchers' work.

In this paper, the main work includes:

(1) Researched the principles of using buffer overflow vulnerabilities under various security mechanisms;
(2) Studied how to bypass these security mechanisms and write successful exploit code;
(3) Proposed a dynamic monitoring technology to explore vulnerabilities in software. The key technology of this framework is fuzzing, which is mainly used for protocol testing;
(4) Developed a detailed framework for exploring vulnerabilities automatically, and then made it into a product.

Finally, FeiQ 2.5 was used to test the function and reliability of the vulnerability detection system.
Keywords/Search Tags: buffer-overflow, vulnerability, zero-day, fuzzing, debug