
SQL Injection Attack Generation System Across Web Language Platforms

Web Platform Independent SQL Injection Attack Generation

Advisor: Shih-Kun Huang (黃世昆)

Abstract


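The Internet has become an indispensable communication medium in daily life, and people access and browse all kinds of information through web applications. However, oversights by developers introduce vulnerabilities that may affect security, and hackers can use these vulnerabilities to gain privileges and then access or destroy data illegally. The method we propose is a SQL injection attack system that works across web language platforms. It has been integrated into our earlier CRAXweb web attack platform and can automatically generate exploit data for a target web application, achieving the effect of a penetration test. The system is built on the S2E symbolic execution environment. A web crawler first collects the page URLs of the target web application; symbolic variables are then inserted into HTTP requests, which are sent to a server on which a symbolic data sensor is deployed. During symbolic execution, we use single-path concolic execution to obtain the path constraints, which improves performance, and use those constraints to generate the exploit. We have tested open source web applications written in several web languages, including PHP, Perl, C/C++ and Python, and the system successfully generates the corresponding attack strings or detects the vulnerabilities.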

Parallel Abstract


The Internet has become an important communication medium in our daily life. Most of us access information and save our personal private data in databases through web applications. However, because of web programmers' ignorance of secure programming practice, hackers may be able to access or destroy data through potential web vulnerabilities. We developed a web platform independent SQL injection attack generation method to improve our former web attack framework, called CRAXweb. The system is able to generate an exploit for the target web application automatically and acts as a penetration test. CRAXweb is based on S2E, a symbolic execution platform. We collect the URLs of the target web application with a web crawler and send HTTP requests containing symbolic variables to the symbolic sensor embedded in the server. To improve the efficiency of symbolic execution, we adopt the single-path concolic execution mode to collect path constraints and generate the exploit. We have applied this method to several known vulnerabilities in open source web applications. The results reveal that CRAXweb is a practical exploit generation tool supporting different web platforms, including PHP, C/C++, Perl, and Python.

