通过面向跳转的编程攻击x86 windows二进制文件

2010 IEEE International Conference on Intelligent Systems and Knowledge Engineering Pub Date : 2013-06-19 DOI:10.1109/INES.2013.6632837

László Erdödi

{"title":"通过面向跳转的编程攻击x86 windows二进制文件","authors":"László Erdödi","doi":"10.1109/INES.2013.6632837","DOIUrl":null,"url":null,"abstract":"Jump oriented programming is one of the most up-to-date form of the memory corruption attacks. During this kind of attack the attacker tries to achieve his goal by using library files linked to the binary, without the placing of any own code. To execute attacks like this, a dispatcher gadget is needed which does the control by reading from a given memory part the address of the subsequent command and manages its execution. Besides the dispatcher gadget also functional gadget is needed to implement an attack. Since the most widely used operation system is the Windows this study introduces the execution of jump oriented attacks by an example in Windows environment.","PeriodicalId":6417,"journal":{"name":"2010 IEEE International Conference on Intelligent Systems and Knowledge Engineering","volume":"45 1","pages":"333-338"},"PeriodicalIF":0.0000,"publicationDate":"2013-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Attacking x86 windows binaries by jump oriented programming\",\"authors\":\"László Erdödi\",\"doi\":\"10.1109/INES.2013.6632837\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Jump oriented programming is one of the most up-to-date form of the memory corruption attacks. During this kind of attack the attacker tries to achieve his goal by using library files linked to the binary, without the placing of any own code. To execute attacks like this, a dispatcher gadget is needed which does the control by reading from a given memory part the address of the subsequent command and manages its execution. Besides the dispatcher gadget also functional gadget is needed to implement an attack. Since the most widely used operation system is the Windows this study introduces the execution of jump oriented attacks by an example in Windows environment.\",\"PeriodicalId\":6417,\"journal\":{\"name\":\"2010 IEEE International Conference on Intelligent Systems and Knowledge Engineering\",\"volume\":\"45 1\",\"pages\":\"333-338\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-06-19\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2010 IEEE International Conference on Intelligent Systems and Knowledge Engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/INES.2013.6632837\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 IEEE International Conference on Intelligent Systems and Knowledge Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/INES.2013.6632837","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

面向跳转的编程是内存破坏攻击的最新形式之一。在这种攻击中，攻击者试图通过使用链接到二进制文件的库文件来实现他的目标，而不放置任何自己的代码。要执行这样的攻击，需要一个调度器小部件，它通过从给定的内存部分读取后续命令的地址来进行控制，并管理其执行。除了调度小工具外，还需要功能小工具来实现攻击。由于使用最广泛的操作系统是Windows，本研究通过一个实例介绍了在Windows环境下实现面向跳转的攻击。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Attacking x86 windows binaries by jump oriented programming

Jump oriented programming is one of the most up-to-date form of the memory corruption attacks. During this kind of attack the attacker tries to achieve his goal by using library files linked to the binary, without the placing of any own code. To execute attacks like this, a dispatcher gadget is needed which does the control by reading from a given memory part the address of the subsequent command and manages its execution. Besides the dispatcher gadget also functional gadget is needed to implement an attack. Since the most widely used operation system is the Windows this study introduces the execution of jump oriented attacks by an example in Windows environment.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2010 IEEE International Conference on Intelligent Systems and Knowledge Engineering

自引率

0.00%

发文量