Carnegie Mellon University

Yours Is Mine: Automated Remote Exploit Reuse and Shellcode Transplant

This is not an advertisement

Liuli: When you become the target of a [Slash], you may discard one card and redirect that [Slash] to another character within your attack range. (That character must not be the user of the [Slash].)

Ricochet attack
Redirecting an attack you have received to someone else.

Ricochet in CTF attack-defense competitions
"Stealing and replaying exploits has become very popular; basically, it is the main way in which most teams attack others these days." - Shellphish
"We inspected network traffic to find new vulnerabilities, which helped us score points and win DEFCON CTF." - PPP

Ricochet in real life
A control flow hijacking exploit:
- Deviates the control flow of the vulnerable program, and
- Leads the program to carry out the malicious computation controlled by the attacker.

Shellcode

Ricochet for Control Flow Hijacking Exploits
[Diagram labels: Existing Exploit; Steal a File Shellcode; Replacement Shellcode; Install Malware Shellcode]

Shellcode Transplant
[Diagram labels: Existing Exploit; Steal a File Shellcode; Replacement Shellcode; Install Malware Shellcode; Modified Exploit]
[Diagram labels: Existing Exploit; S; While Executing Shellcode; f(S)]

ShellSwap: Automatic Shellcode Transplant [1]
Fish Wang, Yan Shoshitaishvili, David Brumley, Tiffany Bao

[1] T. Bao, Y. Shoshitaishvili, R. Wang and D. Brumley. Your Exploit is Mine: Automatic Shellcode Transplant for Remote Exploits, Proceedings of the 38th IEEE Symposium on Security and Privacy, 2017.

Previous Approach [2]

[2] D.K. Sean Heelan. Automatic Generation of Control Flow Hijacking Exploits for Software Vulnerabilities.

1. Execute the program with symbolic inputs.
2390a045Captured Explo