作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2007, Vol. 33 ›› Issue (17): 162-164. doi: 10.3969/j.issn.1000-3428.2007.17.055

• 安全技术 • 上一篇    下一篇

Windows下缓冲区溢出漏洞的利用

余俊松,张玉清,宋 杨,刘奇旭   

  1. (中国科学院研究生院国家计算机网络入侵防范中心,北京 100049)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2007-09-05 发布日期:2007-09-05

Vulnerability Exploitation of Buffer Overflow on Windows

YU Jun-song, ZHANG Yu-qing, SONG Yang, LIU Qi-xu   

  1. (National Computer Network Intrusion Protection Center, Graduate University, Chinese Academy of Sciences, Beijing 100049)
  • Received:1900-01-01 Revised:1900-01-01 Online:2007-09-05 Published:2007-09-05

摘要: 给出了缓冲区溢出的原理,分析了Windows平台下利用缓冲区溢出漏洞进行网络攻击的方法和特征,在此基础上提出了Windows平台下缓冲区溢出漏洞利用的开发流程。通过一个存在缓冲区溢出漏洞的ftp软件的利用实例验证了这个开发流程的有效性。

关键词: 缓冲区溢出, Windows, 漏洞利用

Abstract: This paper describes the technical principles of buffer overflow, and analyzes the methods and features of network attack based on buffer overflow in Windows environment, then gives the development process of exploiting a buffer overflow on Windows. An example of exploiting a buffer overflow in a ftp software is presented to verify the validity of the development process.

Key words: buffer overflow, Windows, vulnerability exploitation

中图分类号: