結合滲透測試框架之攻擊脅迫強化系統

陳泓文

doi:10.6842/NCTU.2015.00212

3.239.117.1，Hello！

Close
Search Quick Search Advanced Search Publication Search	Personal Service Member Login Searching History Use Bonus Card SYMSKAN
Browse Browse by University of Graduate Thesis Browse by Pinyin of Graduate Thesis Browse by Conference Proceedings Topic Browse by Conference Proceedings Publisher Browse by Pinyin of Conference Proceedings Browse by eBook Category Browse by eBook Topic Browse by eBook Publisher
Customer Services Authorize Airiti Recommend a Journal

Search Symbol (Half-width)	Description of Search Symbols
Space	"AND" indicates the intertwining of key terms used in a search
Double Quotation Marks ("") ( " " )	Double quotation marks indicate the beginning and end of a phrase, and the search will only include terms that appear in the same order of those within the quotations. Example: "image process" ： " image process "
?	Indicates a variable letter. Entering two ? will indicate two variable letters, and so on. Example: "Appl?", search results will yield apple, apply… e , appl y … ( (often used to English word searches) )
*	Indicates an unlimited number of variable letters to follow, from 1~n. Example: Enter "appl*", search results will yield apple, apples, apply, applied, application…(often used in English word searches) e , appl es , appl y , appl ied , appl ication … ( (often used to English word searches) )
AND、OR、NOT	Boolean logic combinations of key words is a skill used to expand or refine search parameters. (1) AND (1) AND: Refines search parameters (2) OR (2) OR: Expands search parameters (3) NOT: Excludes irrelevant parameters

DOI stands for Digital Object Identifier （ D igital O bject I dentifier ） ,
and is the unique identifier for objects on the internet. It can be used to create persistent link and to cite articles.

Using DOI as a persistent link

To create a persistent link, add「http://dx.doi.org/」「 http://dx.doi.org/ 」 before a DOI.
For instance, if the DOI of an article is 10.5297/ser.1201.002 , you can link persistently to the article by entering the following link in your browser: http://dx.doi.org/ 10.5297/ser.1201.002 。
The DOI link will always direct you to the most updated article page no matter how the publisher changes the document's position, avoiding errors when engaging in important research.

Cite a document with DOI

When citing references, you should also cite the DOI if the article has one. If your citation guideline does not include DOIs, you may cite the DOI link.

DOIs allow accurate citations, improve academic contents connections, and allow users to gain better experience across different platforms. Currently, there are more than 70 million DOIs registered for academic contents. If you want to understand more about DOI, please visit airiti DOI Registration （ doi.airiti.com ）。

Data Source

Basic & Applied Sciences > Information Science
College of Informatics > Graduate Institute of Computer Science and Engineering

Bibliography Management Tool

Related Links

Report an Issue

Purchase Single Articles

Download PDF

結合滲透測試框架之攻擊脅迫強化系統

A Systematic Exploit Strengthening Method Integrating with Penetration Testing Framework

陳泓文 , Masters　　Advisor：黃世昆　　

繁體中文 DOI： 10.6842/NCTU.2015.00212

脅迫強化；返回導向編程；自動脅迫生成；軟體安全；軟體弱點；後脅迫框架； Exploit Strengthening ； ROP ； Automatic Exploit Generation ； Software Security ； Software Vulnerability ； Post Exploitation Framework

Abstract │ Reference (27) │ Altmetrics

Abstract 〈TOP〉

Parallel Abstract 〈TOP〉

Due to software quality issues, recent attacks on various systems are getting serious, and the software security issues therefore become an important research topic. These attacks on the software vulnerability will not only endanger the information infrastructure, but also impact the human safety. To improve the overall robustness of the system, we need a penetration test system to audit related systems. We have proposed the concept of the exploit toolchain to automate the whole process of fuzzing, exploitation, and post-exploitation integration with the metasploit framework.
For the exploitation process, we must be able to bypass the recent protections and mitigations of the operating system, for example ASLR (Address space layout randomization) and DEP (Data Execution Prevention). We have enhanced the ROP (Return-oriented programming) technique to bypass ASLR and DEP protections by searching gadgets with larger sizes.
We evaluate our system by generating ROP payloads from ten target programs in the size greater than 100K bytes. Compared with the results of another popular ROP tool, called ROPgadget, only three targets have been succeeded.  We can also integrate the generated exploits into the Metasploit framework.

Reference ( 27 ) 〈TOP〉

2. Team, P. Pax address space layout randomization. Available from: http://pax.grsecurity.net/docs/aslr.txt.
連結：
3. Payer, M., Too much PIE is bad for performance. 2012.
連結：
4. Huang, S.K., et al. CRAX: Software Crash Analysis for Automatic Exploit Generation by Modeling Attacks as Symbolic Continuations. in Software Security and Reliability (SERE), 2012 IEEE Sixth International Conference on. 2012. IEEE.
連結：
5. 黃世昆, et al., 自動脅迫產生器發展現況與威脅分析. 資訊安全通訊, 2012. 18(3): p. 88-100.
連結：
6. Chipounov, V., V. Kuznetsov, and G. Candea, The S2E platform: Design, implementation, and applications. ACM Transactions on Computer Systems (TOCS), 2012. 30(1): p. 2.
連結：

Altmetrics

〈TOP〉

E-mail ：

When an article is available to download, a notice will be sent to your mailbox address.

E-mail ：