摘要：

针对Windows系统环境下，攻击者通过shellcode代码威胁系统安全的问题，研究shellcode攻击与防范方法。分析shellcode代码的工作原理、攻击过程及多种变化，介绍新型Windows系统采用的GS和ASLR保护对shellcode攻击的防范机制，并通过实验验证其防范效果。结果证明，实施shellcode攻击需要一定的条件，而GS和ALSR可破坏这些攻击条件的形成，有效阻止攻击。

关键词: shellcode代码, 编码, 定位

Abstract:

Aiming at the problem that shellcode threats the security of the operating system, this paper researches on the shellcode attack and the method against the attack. Principle, consisting and process of the shellcode attack are analysed. The GS and ALSR work against the shellcode attack, and the effect of the GS and ALSR protection mechanism is tested. Experimental results show that it needs some conditions when the attacker carries out the shellcode attack, and the new protection mechanism can limit this condition against the attack.

Key words: shellcode, coding, location

中图分类号: 

• TP393.08