Vulnerability Exploitation Technology of Structured Exception Handling Based on Windows

doi:10.3969/j.issn.1000-3428.2012.20.002

Computer Engineering ›› 2012, Vol. 38 ›› Issue (20): 5-8. doi: 10.3969/j.issn.1000-3428.2012.20.002

• Networks and Communications • Previous Articles Next Articles

Vulnerability Exploitation Technology of Structured Exception Handling Based on Windows

WU Wei-min, GUO Chao-wei, HUANG Zhi-wei, SU Qing, CHEN Qiu-wei

(Faculty of Computer, Guangdong University of Technology, Guangzhou 510006, China)

Received:2011-12-02 Revised:2012-02-20 Online:2012-10-20 Published:2012-10-17

基于Windows的结构化异常处理漏洞利用技术

吴伟民，郭朝伟，黄志伟，苏庆，陈秋伟

(广东工业大学计算机学院，广州 510006)

作者简介:吴伟民(1956－)，男，教授，主研方向：信息安全，数据结构，可视计算，虚拟机技术；郭朝伟，硕士研究生；黄志伟，本科生；苏庆，讲师；陈秋伟，本科生

Abstract

Abstract:

This paper discusses the Structured Exception Handling(SEH) and related protection mechanism, from the perspective of attackers, summarizes the technology of SEH vulnerability exploitation. It uses heap addresses or addresses outside of protection modules to overwrite the pointer of SEH handles to bypass SafeSEH, and fakes SEH chain to bypass SEHOP. It analyzes some major methods of making program execution flow locate the Shellcode. Example verifies the effectiveness of the SHE vulnerability exploitation technology.

Key words: Structured Exception Handling(SEH), SafeSEH mechanism, SEHOP mechanism, vulnerability exploitation technology, Shellcode location

摘要：

论述基于Windows的结构化异常处理(SEH)及相关保护机制，从攻击者的角度总结SEH漏洞利用技术。利用堆地址或保护模块之外的地址覆盖SEH句柄指针，绕过SafeSEH机制，伪造SEH链，绕过SEHOP机制，并分析使程序执行流程定位到Shellcode的方法。实例验证了SEH漏洞利用技术的有效性。

关键词: 结构化异常处理, SafeSEH机制, SEHOP机制, 漏洞利用技术, Shellcode定位

CLC Number:

TP309

TUN Wei-Min, GUO Chao-Wei, HUANG Zhi-Wei, SU Qiang, CHEN Qiu-Wei. Vulnerability Exploitation Technology of Structured Exception Handling Based on Windows[J]. Computer Engineering, 2012, 38(20): 5-8.

吴伟民, 郭朝伟, 黄志伟, 苏庆, 陈秋伟. 基于Windows的结构化异常处理漏洞利用技术[J]. 计算机工程, 2012, 38(20): 5-8.

/ / Recommend / Download Citations

URL: http://www.ecice06.com/EN/10.3969/j.issn.1000-3428.2012.20.002

http://www.ecice06.com/EN/Y2012/V38/I20/5

[1]	DING Xiaohui, CAO Suzhen, WANG Caifen. Smart Contract-Assisted Dynamically Searchable Encryption Scheme with Forward and Backward Security [J]. Computer Engineering, 2022, 48(7): 141-150.
[2]	JIN Haibo, ZHAO Xinyue. High-Reliability Intrusion Detection Algorithm Under Conformal Prediction Framework [J]. Computer Engineering, 2022, 48(7): 130-140.
[3]	ZHANG Chao, PENG Changgen, DING Hongfa, XU Dequan. Searchable Encryption Scheme Based on China State Cryptography Standard SM9 [J]. Computer Engineering, 2022, 48(7): 159-167.
[4]	YE Qing, ZHAO Nannan, ZHAO Zongqu, QIN Panke, YAN Xixi, TANG Yongli. Efficient Fully Dynamic Group Signature Scheme from Lattice [J]. Computer Engineering, 2021, 47(2): 160-167,175.
[5]	JI Lusheng, ZHANG Guiling, YANG Jiarun. Off-Chain Personal Data Protection Scheme Based on Blockchain [J]. Computer Engineering, 2021, 47(2): 176-181,187.
[6]	ZHANG Jing, HE Zheng, GE Binghui, TANG Yongli, YE Qing. An Efficient Protocol for Millionaires' Problem and Its Application [J]. Computer Engineering, 2021, 47(2): 168-175.
[7]	YOU Wenzhu, GE Haibo. Efficient Algorithm for Multi-Scalar Multiplication of Elliptic Curves Using Multi-Base Number System [J]. Computer Engineering, 2021, 47(2): 182-187.
[8]	FU Zixi, XU Yang, WU Zhaodi, XU Dandan, XIE Xiaoyao. SVM-KNN Network Intrusion Detection Method Based on Incremental Learning [J]. Computer Engineering, 2020, 46(4): 115-122.
[9]	LIU Xueyan, HE Xiaomei, LU Tingting, LUO Yukun. Certificateless Public Audit Scheme for Shared Data [J]. Computer Engineering, 2020, 46(4): 143-150.
[10]	ZENG Yaqin, ZHANG Linlin, ZHANG Ruonan, YANG Bo. Malware Family Classification Model Based on MobileNet [J]. Computer Engineering, 2020, 46(4): 162-168.
[11]	ZHANG Rui, CHEN Hongwei. Intrusion Detection Based on Feature Optimization and SVPSO for Industrial Control System [J]. Computer Engineering, 2020, 46(4): 19-25.
[12]	LI Zhi, SONG Lipeng. Research on Internal Threat Detection Based on User Window Behavior [J]. Computer Engineering, 2020, 46(4): 135-142,150.
[13]	SHI Zhicai, WANG Yihan, ZHANG Xiaomei, CHEN Jiwei, CHEN Shanshan. An RFID Grouping-proof Protocol with Privacy Protection and Forward Security [J]. Computer Engineering, 2020, 46(1): 108-113.
[14]	ZHAO Nan, ZHANG Guoan, GU Xiaohui. Certificateless Aggregate Signature Scheme for Privacy Protection in VANET [J]. Computer Engineering, 2020, 46(1): 114-120,128.
[15]	LI Yuanhang, CHEN Xianlai, LIU Li, AN Ying, LI Zhongmin. Random Forest Algorithm for Differential Privacy Protection [J]. Computer Engineering, 2020, 46(1): 93-101.

Please choose a citation manager

Content to export

Vulnerability Exploitation Technology of Structured Exception Handling Based on Windows

基于Windows的结构化异常处理漏洞利用技术

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments

模态框（Modal）标题

Please choose a citation manager

Content to export

Vulnerability Exploitation Technology of Structured Exception Handling Based on Windows

基于Windows的结构化异常处理漏洞利用技术

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments