Automated Exploit Generation For Application’s Vulnerability

Abstract

Existence of a vulnerability for hackers don’t be exploitable only and whatever give credit to vulnerability is Exploit. Automated Exploit Generation (AEG) confront problems because of various protections ,behavior and vulnerability conditions but nonetheless had did researches in subject. Whatever I had peruse in this thesis is possibility of automated exploit generation for vulnerabilities of Internet Explorer (IE) 7 & 8 in Win XP and Win 7. Generated exploits are  for two vulnerability type: Stack Buffer Overflow  and Function Pointer Overwrite. In my savory method that use from instrumentation tools, would hoarded necessary information from program through dynamic analysis. In this method has detected vulnerability type and has bypassed methods of protections and  has showing proper patterns for exploit. Must I Reminisce you that in the project don’t discovery vulnerability and there are vulnerability.
 

Keywords

References

J. Medeiros, “Automated Exploit Development,” The future of exploitation is here, Grayscale Research, 2007.##
S. Heelan“ ,Automatic Generation of Control Flow Hijacking Exploits for Software Vulnerabilities” , University of Oxford, 2009.##
S. K. C. B. L. T. H  and D. B. Thanassis Avgerinos, “AEG: Automatic Exploit Generation ”,Proceedings of the Network and Distributed Security Symposium,  2011.##
B. L. T. Hao“ ,Automatic Heap Exploit Generation, ” Carnegie Mellon University, 2012.##
N. Waisman, “Understanding and bypassing Windows Heap Protection, ”Immunity Security Research, 2007.##
R. C. Seacord, “Secure Coding in C and C++,” Software Engineering Institute Carnegie Mellon University, 2013.##
J. H. F. L. G. R. Chris Anley, “The Shellcoder’s Handbook (Second Edition), ”Wiley Publishing, 2007.##
Corelan Team, “writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-3-seh ”,Corelan Team, 25 7 2009.  Available: https://www.corelan.be/index.php/2009/07/25/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-3-seh.##
Corelan Team“ ,exploit-writing-tutorial-part-6-bypassing-stack-cookies-safeseh-hw-dep-and-aslr”, Corelan Team, 219 2009. Available: https://www.corelan.be/index.php/2009/09/21/exploit-writing-tutorial-part-6-bypassing-stack-cookies-safeseh-hw-dep-and-aslr.##
D. A. D. Zovi“ ,Return-Oriented Exploitation”, BlackHat_USA ,2010.##
T  .Reynolds, “Address- Space- Layout- Randomization”,  NullSecurity, 154, 2012. Available: http://www.intelligentexploit.com/articles/Address-Space-Layout-Randomization.pdf.##
Corelan Team“ ,exploit-writing-tutorial-part-11-heap-spraying-demystified ”, Corelan Team, 31 12 2011. Available: https://www.corelan.be/index.php/2011/12/31/exploit-writing-tutorial-part-11-heap-spraying-demystified/.##
F. J. Serna“ ,The info leak era on software exploitation ”, BlackHat_USA, 2012.##
Intel“,pin-a-dynamic-binary-instrumentation-tool” , Intel, 13 6 2012 Available: https://software.intel.com/en-us/articles/pin-a-dynamic-binary-instrumentation-tool.##
E. Barbosa, “Taint Analysis, ” COSEINC - Solid Security, Verified, 2009.##

Files

History

  • Receive Date: 08 March 2015
  • Revise Date: 12 August 2020
  • Accept Date: 19 September 2018
  • Publish Date: 20 April 2016

Share

How to cite

Statistics