SAEG: Stateful Automatic Exploit Generation

Cited by: 0
Authors
Wu, Yifan [1]
Li, Yinshuai [1]
Zhu, Hong [1]
Zhang, Yinqian [1]
Affiliations
[1] Southern Univ Sci & Technol, Res Inst Trustworthy Autonomous Syst, Dept Comp Sci & Engn, Shenzhen, Peoples R China
Source
COMPUTER SECURITY-ESORICS 2024, PT IV | 2024 / Vol. 14985
Keywords
Automatic Exploit Generation; Symbolic Execution; Vulnerability;
DOI
10.1007/978-3-031-70903-6_7
Chinese Library Classification
TP18 [Artificial intelligence theory];
Discipline classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
The field of Automatic Exploit Generation (AEG) plays a pivotal role in the assessment of software vulnerabilities, automating the analysis for exploit creation. Although AEG systems are instrumental in probing for vulnerabilities, they often lack the capability to contend with defense mechanisms such as vulnerability mitigation, which are commonly deployed in target environments. This shortfall presents significant challenges in exploitation. Additionally, most frameworks are tailored to specific vulnerabilities, rendering their extension a complex process that necessitates in-depth familiarity with their architectures. To overcome these limitations, we introduce the SAEG framework, which streamlines the repetitious aspects of existing exploit templates through a modular and extensible state machine that builds upon the concept of an Exploit Graph. SAEG can methodically filter out impractical exploitation paths by utilizing current information and the target program's state. Additionally, it simplifies the integration of new information leakage methods with minimal overhead and handles multi-step exploitation procedures, including those requiring the leakage of sensitive data. We demonstrate a prototype of SAEG founded on symbolic execution that can simultaneously explore heap and stack vulnerabilities. This prototype can explore and combine leakage and exploitation effectively, generating complete exploits to obtain shell access for binary files across i386 and x86_64 architectures.
Pages: 127 / 145
Page count: 19