Vulnerability Exploitation of Buffer Overflow on Windows

doi:10.3969/j.issn.1000-3428.2007.17.055

Computer Engineering ›› 2007, Vol. 33 ›› Issue (17): 162-164. doi: 10.3969/j.issn.1000-3428.2007.17.055

• Security Technology • Previous Articles Next Articles

Vulnerability Exploitation of Buffer Overflow on Windows

YU Jun-song, ZHANG Yu-qing, SONG Yang, LIU Qi-xu

(National Computer Network Intrusion Protection Center, Graduate University, Chinese Academy of Sciences, Beijing 100049)

Received:1900-01-01 Revised:1900-01-01 Online:2007-09-05 Published:2007-09-05

Windows下缓冲区溢出漏洞的利用

余俊松，张玉清，宋杨，刘奇旭

(中国科学院研究生院国家计算机网络入侵防范中心，北京 100049)

Abstract

Abstract: This paper describes the technical principles of buffer overflow, and analyzes the methods and features of network attack based on buffer overflow in Windows environment, then gives the development process of exploiting a buffer overflow on Windows. An example of exploiting a buffer overflow in a ftp software is presented to verify the validity of the development process.

Key words: buffer overflow, Windows, vulnerability exploitation

摘要： 给出了缓冲区溢出的原理，分析了Windows平台下利用缓冲区溢出漏洞进行网络攻击的方法和特征，在此基础上提出了Windows平台下缓冲区溢出漏洞利用的开发流程。通过一个存在缓冲区溢出漏洞的ftp软件的利用实例验证了这个开发流程的有效性。

关键词: 缓冲区溢出, Windows, 漏洞利用

CLC Number:

TP303.08

YU Jun-song; ZHANG Yu-qing; SONG Yang; LIU Qi-xu. Vulnerability Exploitation of Buffer Overflow on Windows[J]. Computer Engineering, 2007, 33(17): 162-164.

余俊松;张玉清;宋杨;刘奇旭. Windows下缓冲区溢出漏洞的利用[J]. 计算机工程, 2007, 33(17): 162-164.

/ / Recommend / Download Citations

URL: http://www.ecice06.com/EN/10.3969/j.issn.1000-3428.2007.17.055

http://www.ecice06.com/EN/Y2007/V33/I17/162

[1]	XIAO Yamin, ZHANG Jiachen, FENG Tie. Single Image Super-Resolution Reconstruction Based on Multi-Windows Residual Network [J]. Computer Engineering, 2021, 47(2): 293-299,306.
[2]	CUI Kunkun, FAN Shaosheng. Visual Navigation and Feature Recognition Method of Robot Based on Dynamic Double Windows [J]. Computer Engineering, 2020, 46(9): 313-320.
[3]	LI Han, JIANG Na, DU Cheng-Lie. Research on Real-time Memory Management Under Windows Platform [J]. Computer Engineering, 2013, 39(7): 102-105,122.
[4]	WANG Lian-Feng, SONG Jian-She, CAO Ji-Beng, XIE Qiang. Multi-objective Optimization for Fuzzy Vehicle Routing Problem with Hard Time Windows [J]. Computer Engineering, 2013, 39(4): 9-13,17.
[5]	ZHANG Hang, TUN Hao, HU Rong. Analysis and Utilization of Flaw for IE8.0 Login Information Protection Mechanism [J]. Computer Engineering, 2013, 39(1): 313-317.
[6]	SHI Qing-Li. Buffer Overflow Vulnerability Location Technology Based on Code Instrumentation [J]. Computer Engineering, 2012, 38(9): 138-140.
[7]	NIU Ling, GUO Yuan-Bo, LIU Wei. Flow-based Cross-layer Anomaly Detection Method in Wireless Mesh Networks [J]. Computer Engineering, 2012, 38(22): 88-91.
[8]	TUN Wei-Min, GUO Chao-Wei, HUANG Zhi-Wei, SU Qiang, CHEN Qiu-Wei. Vulnerability Exploitation Technology of Structured Exception Handling Based on Windows [J]. Computer Engineering, 2012, 38(20): 5-8.
[9]	XIE Shuang-Shuang, SHEN Yan-Chun. Design and Implementation of Mobile GIS Engine [J]. Computer Engineering, 2012, 38(20): 256-259.
[10]	TU Li-Min, LUO Meng, WANG Jing-Beng, XUE Zhu-Kun, YANG Ming-Shi, WANG Xin. Design and Realization of Embedded Mobile Cluster Based on XPE [J]. Computer Engineering, 2012, 38(12): 251-254.
[11]	DONG Feng-Cheng, SHU Hui, KANG Fei, WANG Gan, WEI Wei. Process Analysis of Buffer Overflow Based on Dynamic Binary Platform [J]. Computer Engineering, 2012, 38(06): 66-68.
[12]	BO Li-Jun, FU Zhuo, LIU Chi-Mei. Open Vehicle Routing Problem with Working Time and Time Windows [J]. Computer Engineering, 2012, 38(04): 17-19.
[13]	MENG Jian-Jun, LI De-Cang, DUAN Li-Xia, DIAO De-Sheng. Servicing Work Safety Monitoring System Based on WinCC [J]. Computer Engineering, 2011, 37(9): 242-244.
[14]	LI San-Ban, WANG Li-Meng. Multi-start Tabu Search Algorithm for Solving OVRPTW [J]. Computer Engineering, 2011, 37(6): 187-189.
[15]	LIU Hui-Liang, YAN Ping, LIU Fei, LIN Fan. Method of Windows CE Soft-Shutdown Based on MCU [J]. Computer Engineering, 2011, 37(3): 275-277.

Please choose a citation manager

Content to export

Vulnerability Exploitation of Buffer Overflow on Windows

Windows下缓冲区溢出漏洞的利用

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments

模态框（Modal）标题

Please choose a citation manager

Content to export

Vulnerability Exploitation of Buffer Overflow on Windows

Windows下缓冲区溢出漏洞的利用

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments