| In today's society,information security plays a very important role in people's daily life,ranging from confidential data security of enterprises to privacy data security of individuals which need the support and utilization of relevant information security technology.As an indispensable branch of information security,vulnerability mining and defect detection technology play an important role in network attack and defense.As the most widely used operating system in the world,the number of vulnerabilities and defects in Windows system has been increasing in recent years.Therefore,it is necessary to study the technology of vulnerability mining and defect detection for Windows system in order to effectively reduce the number of dangerous vulnerabilities and the probability of human vulnerability attacks.This paper mainly introduces the related research contents from two aspects:vulnerability mining technology and defect utilization technology.In the aspect of vulnerability mining,this paper firstly introduces several traditional vulnerability mining methods including static detection,dynamic detection and emerging fuzzy testing technology.And by comparing the corresponding advantages and disadvantages,we decide to use fuzzy testing technology to detect vulnerabilities.Based on the above content,this paper designs and implements a fuzzy test tool.The tool uses IRP as input data and can automatically construct a large number of IRP test data according to corresponding strategy.On the other hand,the tool can automatically test the specified driver or application so as to discover the driving exception execution point.Finally,we will analyze the exception execution point to try to find the system vulnerabilities or defects.In aspect of vulnerability and defect utilization Technology,this paper will analyze the Windows system kernel driver and the Windows file systems.We find a defect of kernel driver related to system start-up loading in Windows system.Next we will analyze the usability of this defect to form the defect utilization method.Based on the defect utilization method,we design and implement the automatic application of driver defect.The application can achieve the self-startup of specific program.On the other hand,in order to avoid the detection of firewalls and security software,we will discuss some corresponding solutions of killing-free technology to improve the immunity ability of automation application.Finally,-based on the defect automation application,we design and implement the automation system namely remote desktop control system.The system can be applied to enterprise remote desktop service or other scientific research. |
PDF Full Text Request