摘要
介绍了Linux系统下缓冲区溢出的原理和shellcode具体实现方法。阐述了远程shellcode从C代码到机器码的编写过程,并从成功率角度对攻击方法进行了分析。利用red hat9.0上的漏洞程序对shellcode进行了测试。对缓冲区溢出常用的防护措施进行了分析,提出了应对远程shellcode的基本方法。
This article introduces the principle of buffer overflow and the detailed methods on how to program shellcode on the Linux system, elaborates the process of remote shellcode from C code to machine code, and analyzes attack methods from the aspect of success rate. The shellcode has been tested in red hat 9.0 with the flaw procedure. At last, this paper analyzes the common prevention measures of buffer overflow, and proposes a basic method to use shellcode.
出处
《重庆理工大学学报(自然科学)》
CAS
2010年第11期80-84,共5页
Journal of Chongqing University of Technology:Natural Science
基金
国家高技术研究发展计划(863计划)资助项目(2007AA01Z445)
