Windows Software Vulnerability Fuzzing and Sample Analysis
Topic: buffer overflow. Angle: reverse engineering. Source: Beijing University of Posts and Telecommunications (北京郵電大學), master's thesis, 2014.
[Abstract]: In recent years communication technology has advanced rapidly and computer networks have become ubiquitous, giving rise to a large number of networked applications; software security vulnerabilities have consequently become the main source of network security risk. The heavy economic losses caused by a series of disclosed high-risk vulnerabilities have made vulnerability discovery and analysis commercially valuable. Against this background, traditional vulnerability discovery techniques are inefficient and imprecise, while the newer techniques are hard to put into practice, which makes it harder to build tools on them. Vulnerability analysis by reverse engineering, in turn, lacks a general framework and workflow that analysts can follow. This thesis studies software vulnerabilities on the Windows platform and makes the following contributions.

It first introduces the vulnerability models common in Windows software, namely stack overflows and heap overflows, and reproduces each with purpose-written code. After covering the operating-system background these bugs depend on, it analyses the vulnerable code to explain in detail how each vulnerability arises and how it is exploited, and then surveys shellcode encoding.

Vulnerability discovery based on reverse engineering is the main focus. When source code is unavailable and white-box testing is therefore impossible, this technique is essential for finding software vulnerabilities. The thesis describes how reverse engineering is applied to vulnerability discovery: it starts from vulnerability analysis methods, presents the commonly used analysis techniques and surveys the classes of vulnerability they can reach, then covers fuzzing driven by reverse engineering, treating both the testing process and the testing methods. It then combines reverse engineering with in-memory fuzzing: a fuzzing tool is designed in detail and a complete implementation plan is proposed. The tool uses reverse engineering to locate the data source inside the target and fuzzes by modifying that data directly in memory, which is simple to implement and more efficient than fuzzing through the program's input path.

Finally, starting from proof-of-concept (POC) code that reproduces each bug, the thesis analyses three classic vulnerabilities, CVE-2009-3129, CVE-2012-0158 and CVE-2012-1889, from four angles: locating the vulnerable code, determining the root cause, analysing the shellcode, and analysing the malicious payload, thereby tying the theory to hands-on practice.
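The approach the abstract describes, reverse engineering to find where the parsed data and its destination buffer live, then mutating that data in place and calling the parser directly, can be shown in miniature. The following is an added example written for this page, not the thesis's tool or any of its code: a constructed length-prefixed record format, a parser that trusts the length byte (the stack-overflow model) beside a hardened one, and an in-memory fuzz loop that patches one byte of the resident record at a time, runs the target, and restores the byte. The frame_t layout, the cookie value standing in for a /GS security cookie, the 32-byte destination and the 64-byte record are all assumptions of the example; the unsafe copy is capped at the emulated frame so the demo itself stays within defined memory.

```c
/*
 * In-memory fuzzing of a length-prefixed record parser with a stack-cookie
 * oracle. Added example; not the thesis's tool. The record format, sizes,
 * names and cookie value are assumptions made for this illustration.
 */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FIELD_MAX 32u          /* destination size the reverse-engineering pass recovered */
#define COOKIE    0xA5C3E1F7u  /* stands in for a /GS security cookie */
#define REC_LEN   64u          /* size of the record buffer resident in memory */

enum parse_result { PARSE_OK, PARSE_TRUNCATED, PARSE_REJECTED, PARSE_SMASHED };

/* Emulated stack frame: buffer, then cookie, then saved return address.
 * One struct (40 bytes, no padding) so that an over-long copy stays inside
 * defined memory while still showing which neighbours it overwrites. */
typedef struct {
    uint8_t  buf[FIELD_MAX];
    uint32_t cookie;
    uint32_t saved_ret;
} frame_t;

typedef enum parse_result (*target_fn)(const uint8_t *rec, size_t rec_len);

/* Record format (constructed): rec[0] = field length, rec[1..] = field bytes. */

/* Vulnerable target: the copy length is the attacker's byte, not FIELD_MAX.
 * The copy is capped at sizeof(frame_t) only so this demo never writes past
 * the emulated frame; a real target would run on into the caller's frame. */
static enum parse_result parse_record_unsafe(const uint8_t *rec, size_t rec_len)
{
    if (rec_len < 1) return PARSE_TRUNCATED;
    size_t len = rec[0];
    if (len > rec_len - 1) return PARSE_TRUNCATED;   /* record itself too short */

    frame_t f = { .cookie = COOKIE, .saved_ret = 0x00401000u };
    size_t n = len > sizeof f ? sizeof f : len;
    memcpy(&f, rec + 1, n);                           /* BUG: n may exceed FIELD_MAX */
    return f.cookie == COOKIE ? PARSE_OK : PARSE_SMASHED;
}

/* Hardened target: reject anything larger than the destination buffer. */
static enum parse_result parse_record_safe(const uint8_t *rec, size_t rec_len)
{
    if (rec_len < 1) return PARSE_TRUNCATED;
    size_t len = rec[0];
    if (len > rec_len - 1) return PARSE_TRUNCATED;
    if (len > FIELD_MAX)  return PARSE_REJECTED;

    frame_t f = { .cookie = COOKIE, .saved_ret = 0x00401000u };
    memcpy(f.buf, rec + 1, len);
    return f.cookie == COOKIE ? PARSE_OK : PARSE_SMASHED;
}

struct fuzz_stats { unsigned ok, truncated, rejected, smashed; };

/* One in-memory sweep: the record already sits in memory, so each iteration
 * patches a single byte in place, calls the parser directly, then restores
 * the byte. Values cluster around FIELD_MAX, the bound recovered by reverse
 * engineering, plus the usual edge bytes. Returns the number of cookie hits. */
static unsigned fuzz_sweep(target_fn target, uint8_t *rec, size_t rec_len,
                           struct fuzz_stats *st)
{
    static const uint8_t interesting[] = {
        0x00, 0x01, FIELD_MAX - 1, FIELD_MAX, FIELD_MAX + 1, 0x3f, 0x7f, 0xff
    };
    memset(st, 0, sizeof *st);
    for (size_t i = 0; i < rec_len; i++) {
        uint8_t saved = rec[i];
        for (size_t k = 0; k < sizeof interesting; k++) {
            rec[i] = interesting[k];
            switch (target(rec, rec_len)) {
            case PARSE_OK:        st->ok++;        break;
            case PARSE_TRUNCATED: st->truncated++; break;
            case PARSE_REJECTED:  st->rejected++;  break;
            case PARSE_SMASHED:   st->smashed++;   break;
            }
        }
        rec[i] = saved;                               /* restore the data source */
    }
    return st->smashed;
}

/* Constructed sample: a 64-byte in-memory record whose field is 16 'A's. */
static void make_sample_record(uint8_t rec[REC_LEN])
{
    memset(rec, 0, REC_LEN);
    rec[0] = 16;
    memset(rec + 1, 'A', 16);
}

int main(void)
{
    uint8_t rec[REC_LEN];
    struct fuzz_stats st;

    make_sample_record(rec);
    unsigned hits = fuzz_sweep(parse_record_unsafe, rec, REC_LEN, &st);
    printf("unsafe parser: %u cookie smashes, %u truncated\n", hits, st.truncated);

    make_sample_record(rec);
    hits = fuzz_sweep(parse_record_safe, rec, REC_LEN, &st);
    printf("safe parser:   %u cookie smashes, %u rejected\n", hits, st.rejected);
    return 0;
}
```

Because the destination size is already known, the mutator spends its budget on values around that bound rather than on random bytes; against this target that is what turns the length byte to 33 and 63 and trips the cookie, while the hardened parser rejects the same two inputs and nothing else changes. A real in-memory fuzzer must additionally snapshot and restore process state between iterations, since a genuinely corrupted frame would otherwise end the run at the first hit.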
【學(xué)位授予單位】:北京郵電大學(xué)
【學(xué)位級(jí)別】:碩士
【學(xué)位授予年份】:2014
【分類(lèi)號(hào)】:TP393.08;TP311.53
Article ID: 1694263
Link: http://sikaile.net/guanlilunwen/ydhl/1694263.html