Method and system for carrying out vulnerability utilization generation on captured memory corruption vulnerability attack traffic

A technology for attacking traffic and vulnerabilities, applied in transmission systems, electrical components, etc., can solve problems such as inability to send data sequentially

Active Publication Date: 2019-11-22
PEKING UNIV
View PDF9 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In the case where the target operating system has address space randomization protection, it is impossible to complete the extraction of the attack process by directly sending the sent data sequentially

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for carrying out vulnerability utilization generation on captured memory corruption vulnerability attack traffic
  • Method and system for carrying out vulnerability utilization generation on captured memory corruption vulnerability attack traffic
  • Method and system for carrying out vulnerability utilization generation on captured memory corruption vulnerability attack traffic

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0041] Hereinafter, the present invention will be described in detail with reference to the drawings, but the present invention is not limited to the following embodiments.

[0042] like figure 1 Shown is the overall flowchart. Firstly, through the network traffic preprocessing stage, the file format analysis and preliminary screening of the network traffic are performed, and then the shadow service and its attached backdoor interface are initialized and started. After that, the traffic is analyzed. The analysis process is completed by interacting with the shadow service, and traffic completion, address extraction, mapping recovery, and address correction are required. Through iterative interaction, an analysis record containing the interaction process and the process mapping information of the captured traffic target is obtained. Based on the analysis records, the final exploit script can be generated to obtain the exploit script.

[0043] The invention adopts the shadow s...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and a system for carrying out vulnerability utilization generation on captured memory corruption vulnerability attack traffic. The method comprises the steps: obtaining a memory mapping base address of captured data traffic and a corresponding position of the base address in received data after the data is received from a shadow service; before sending the data tothe shadow service, obtaining address information of a data sending part in the captured flow data and carrying out offset correction; and generating a vulnerability utilization script interacting with the target service according to the interaction process with the shadow service. The script can be used for obtaining evidences after the server is attacked or defending against further attacks of the same vulnerability.

Description

technical field [0001] The invention belongs to the technical field of computer applications, and in particular relates to a method and system for exploiting and generating captured memory corruption vulnerability attack traffic. Background technique [0002] Vulnerability attack traffic analysis technology is a common defense technology in network security attack and defense. This technology analyzes the sending and receiving process of the captured vulnerability attack traffic by manual means or machine-assisted means, trying to obtain relevant information about the attack process of the other party. information. This technology is often used to obtain evidence when the target service is attacked, or to obtain the attack process of the other party through analysis. The above attack process can be used as a sample for the defense process in the subsequent attack and defense to carry out targeted defense against the attack method . [0003] The attack traffic captured duri...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1433H04L63/145H04L63/1466
Inventor 韩心慧丁湛钊李冠成武新逢
Owner PEKING UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap