
Research on Privilege-Escalation Exploitation Techniques for Write-What-Where Kernel Vulnerabilities (cited by: 3)

Privilege Escalation Technology of Kernel Vulnerabilities in Write What Where Mode
Abstract: Write-what-where (arbitrary memory write) is a common pattern among kernel vulnerabilities, so research into techniques for exploiting it is of real importance. This paper first analyses the approach and steps of traditional exploitation techniques; it then analyses how the latest exploit-mitigation techniques work and how they cut off those exploitation paths; finally, against the latest mitigations, it proposes a new exploitation method based on Windows' own ACL mechanism. The method effectively bypasses the exploit mitigations and achieves privilege-escalation exploitation, which has practical significance.

Write What Where mode kernel vulnerabilities are very common, and research on their privilege escalation is significant. First the traditional method of privilege escalation is introduced and analysed, then the latest exploitation mitigation technology on the latest Windows system is introduced, finding how it can cut off the way of traditional methods. Finally, a new method is proposed against the exploitation mitigation based on the ACL of Windows itself, which is effective and significant.
Authors: 倪涛 (Ni Tao), 叶星 (Ye Xing)
Source: 《信息工程大学学报》 (Journal of Information Engineering University), 2014, No. 2, pp. 232-236 (5 pages)
Funding: National 863 Program project (2012AA012902)
Keywords: write what where; kernel vulnerabilities; privilege escalation
