【作者】 杨洋； 帅春燕； 江建慧；

【Author】 Yang Yang,Shuai Chunyan,Jiang Jianhui (Department of Computer Science and Technology,Tongji University,Shanghai 201804)

【机构】 同济大学计算机科学与技术系；

【摘要】 文中分析了进程从开始运行,函数调用,一直到进程结束整个过程中函数堆栈的变化情况,研究了缓冲区溢出发生的条件,在Linux下实现了一个缓冲区溢出漏洞攻击程序和漏洞扫描程序.缓冲区溢出漏洞攻击程序利用缓冲区溢出漏洞非法获取了系统超级用户权限;而漏洞扫描程序主要对库函数strcpyO存在的缓冲区溢出漏洞进行了模拟攻击,倘若检测到攻击成功,则说明系统存在安全漏洞.更多还原

【Abstract】 This paper analyzed changes in details of the function stack from the start of a process to the end,including function calls,as well as the conditions buffer overflow occurred.A buffer overflow vulnerability exploit program and a vulnerability scan program are implemented.The buffer overflow vulnerability exploit program will get root permission illegally through buffer overflow vulnerabilities. The buffer overflow vulnerability scan program will try to pretend to attack the vulnerabilities of the strcpy(?) function.If an attack behavior is detected in the system,buffer overflow vulnerabilifies will be reported.更多还原