| With the development of information technology,the application of software is more and more extensive,and the scale of software is more and more huge.Due to the mistakes and errors in design and coding,the defects of programs are increasing day by day.In these defects that can cause program crashes,there are some software vulnerabilities that can be directly exploited by hackers.Using these software vulnerabilities,we can achieve the purpose of injecting code,executing arbitrary commands remotely,or dumping sensitive data and information in memory.In order to minimize software defects and vulnerabilities,improve software reliability,ensure software security,software security researchers need to explore causes of software vulnerabilities,software defects and loopholes in the use of proof of conc ept,familiar with the system of software defect mitigation and protection strategy,so as to better control of software vulnerability.Mining software vulnerabilities and exploit is a complex and time-consuming work,security researchers are likely to vulnerability mining and use process due to errors and mistakes go astray,explore software execution path,resulting in a large number of the waste,so an automatic software vulnerability mining and exploit of generation tools are software security researchers look,this vulnerability mining and exploit of generation,security researchers work can reduce the procedures for certification and labeling these tools to automatically find bug.In order to achieve automatic generation of software vulnerabilities,we first think of symbol execution technology,because it can generate test cases for specific program paths.In this paper,through the research of buffer overflow vulnerabilities of software exists,principle,exploit,protection measures and protection system to bypass technology deep research on the use of symbolic execution and other technologies means vulnerability mining and exploit of process automation,realizes a set for the vulnerability of automation software tools.The main works of this paper are: the research program and software vulnerability analysis of existing mining technology;and by using the principle of buffer overflow;using system protection strategy in modern operating system and bypass mode;proposes and implements an automatic gene ration tool of vulnerability mining and exploit,and bypass the protection strategy part of the system;finally,summary and outlook on the development of software security. |
PDF Full Text Request