摘要
随着计算机技术的飞速发展,软件的规模及复杂程度在快速增加的同时也带来了极大的安全隐患,各种软件漏洞层出不穷,漏洞利用成为研究的热点。在漏洞利用的过程中,shellcode作为最关键的组件,其质量直接影响到漏洞利用的效果。针对已有的shellcode自动构建方法存在兼容性低、对大型shellcode支持性较差、自动化程度及易用性较低的缺点,文章提出一种Windows shellcode自动构建方法。该方法通过编写框架提供编程接口和编程环境,使编写者通过C语言编写shellcode,并将shellcode的编译、生成、提取、测试以及编码和优化过程进行整合,实现x86/x64平台Windows shellcode的自动构建。文章对基于该方法实现的原型系统进行了验证,结果表明,系统在兼容性、可靠性、自动化性能方面均有较好表现,能够利用系统顺利完成shellcode的构建任务,具有较高的实际应用价值。
With the rapid development o f computer technology, the scale and com plexity o f software is increasing, which also brought great security riskat the same time, shellcode is the key component in the process of the vulne rability exploitation. Its qua lity directly affects the effect of the exploit. But existing techniques have many downsides, such as less automation, usability and compatibility problems. In this paper, an automatic building approach of Windows shellcode has been proposed, which can provide programming interface & environment, and can let the programmers write shellcode with C language. In order to b uild the Windows shellcode of x86/x64 platform automatically, it also includes the compilation, building, extracting, testing, encoding and optimization steps. Based on the approach, this paper implements the prototype system of shellcode building automatically and makes some experiments. The result shows that the system performs well in compatibility, reliability and automatic performance. The system can be applied to shellcode building easily.
出处
《信息网络安全》
CSCD
2017年第4期15-25,共11页
Netinfo Security
基金
国家242信息安全计划[2005C48]
