Research on Buffer Overflow Attacks Based on WebDAV
Beijing Institute of Technology, Master's Thesis

Abstract

Buffer overflow attacks are a principal means of attack used by hackers and cause ever greater harm to network and information security. Research on defences has lagged behind: most work at home and abroad concentrates on exploiting and mitigating individual vulnerabilities and lacks a comprehensive treatment, and the existing buffer overflow defences have many shortcomings. Addressing this, the thesis takes buffer overflow attacks as its subject and the Windows platform as its environment, and attempts a systematic, comprehensive study of buffer overflows.

The thesis analyses the principle of buffer overflows. Buffer overflow vulnerabilities exist widely in operating systems and application software. A buffer overflow attack exploits carelessly written code: by writing more data into a program's buffer than its fixed length allows, the attacker overflows the buffer, corrupts the program's stack and thereby changes the flow of execution. By attacking a program that contains such a vulnerability, an intruder can make the program fail, crash or restart the system, or even execute unauthorised instructions and obtain the highest system privileges.

It studies the various kinds of buffer overflow vulnerabilities and attack techniques: stack overflows, heap overflows, format string overflows and integer overflows, with a particular focus on buffer overflow attacks based on WebDAV.

Using a prepared experimental environment and the attack code implemented in this work, a WebDAV buffer overflow penetration attack is carried out to obtain control of the target system.

Finally, defensive measures against buffer overflow vulnerabilities are studied, aiming to eliminate the impact of these vulnerabilities.

Buffer overflows are currently the most common class of security vulnerability, and buffer overflow attacks remain one of the principal methods both of remote network attack and of local privilege escalation. Such an attack can give an anonymous Internet user the opportunity to gain control of a host. Buffer overflow vulnerabilities are therefore an extremely serious threat to systems, and solving the buffer overflow problem effectively would fundamentally change the security of systems.

Key words: buffer overflow, network security, network attack

Contents

Chapter 1 Introduction
1.1 Research background and current state
1.2 History and development of buffer overflows
1.3 Significance of this research
1.4 State of research at home and abroad
1.5 Research content of this thesis

Chapter 2 Principles and classification of buffer overflows
2.1 The principle of buffer overflows
2.2 Types of buffer overflow vulnerabilities and their exploitation
2.2.1 Stack overflows
2.2.2 Heap overflows
2.2.3 Format string overflows
2.2.4 Integer overflows

Chapter 3 Implementation of buffer overflow techniques
3.1 Implementing generic shellcode
3.1.1 Overview of shellcode
3.1.2 Locating the shellcode
3.1.3 Finding the address of GetProcAddress()
3.2 Bypassing filtered-character restrictions
3.2.1 Shellcode encoding
3.2.2 Shellcode decoding
3.3 Penetrating firewalls
3.3.1 Port reuse
3.3.2 Rebinding the port
3.3.3 Finding the socket with getpeername
3.3.4 Hooking the system's recv call
3.3.5 Implementing file upload and download
3.4 Defeating the Windows stack protection mechanisms
3.4.1 Defeating the stack protection of Windows 2003
3.4.2 Defeating the stack protection of Windows XP SP2
3.5 A formula for precisely locating the overflow point
3.6 Chapter summary

Chapter 4
4.1 Introduction to WebDAV and its components
4.2 The principle of the WebDAV buffer overflow vulnerability
4.3 Implementing the buffer overflow attack
4.3.1 Organisation of the buffer
4.4 Developing the shellcode
4.4.1 Brief analysis of the vulnerability
4.4.2 Wide-character (WideChar) strings
4.4.3 The IIS path length problem
4.4.4 The exploit
4.5 System testing of the WebDAV buffer overflow
4.5.1 Test environment
4.5.2 Test procedure
4.5.3 Test results

Chapter 5
5.1 Static detection techniques for buffer overflow vulnerabilities
5.2 Array bounds checking
5.3 Integrity checking of program pointers
5.4 Non-executable buffers

Chapter 6
6.1 Summary
6.2 Outlook

References
Appendix
Acknowledgements

Chapter 1 Introduction

1.1 Research background and current state

Buffer overflow attacks are a mainstream attack technique, and overflow attacks were already being discussed abroad in the 1980s. One of the attack methods used by the Morris worm of 1988, for example, was a buffer overflow in fingerd; that worm infected more than 6,000 machines worldwide and caused enormous losses.
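The overflow mechanism the abstract describes, an unchecked copy into a fixed-size local buffer that runs on into the saved frame pointer and return address (the same class of bug the Morris worm exploited in fingerd), can be shown concretely. The following C program is an added example and is not code from the thesis: the struct that stands in for an x86 stack frame, the 16-byte buffer, the placeholder return address 0x00401000 and the payload are all my own constructions, and the unchecked copy is confined to the struct only so that the demonstration stays in bounds.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simulated x86 stack frame (added illustration, not the thesis's code).
 * The real stack is not a struct, but on x86 a function's local buffer sits
 * at a lower address than the saved frame pointer and the saved return
 * address, so an unchecked copy that runs off the end of the buffer climbs
 * into exactly these two fields. Modelling the layout as a struct lets the
 * overwrite be shown deterministically and without leaving the object. */
struct frame {
    char     buf[16];      /* fixed-size local buffer the program writes into */
    uint32_t saved_ebp;    /* saved frame pointer, directly above the buffer */
    uint32_t saved_ret;    /* saved return address, the attacker's real target */
};

#define ORIGINAL_RET 0x00401000u   /* hypothetical legitimate return address */

static void init_frame(struct frame *f)
{
    memset(f->buf, 0, sizeof f->buf);
    f->saved_ebp = 0x0012ff80u;    /* placeholder, only so a change is visible */
    f->saved_ret = ORIGINAL_RET;
}

/* The vulnerable pattern: the copy trusts the caller-supplied length and
 * never compares it with sizeof buf, so bytes 16..23 land on saved_ebp and
 * saved_ret. The clamp to sizeof *f only keeps this demo inside the struct;
 * a real strcpy()/memcpy() has no such limit. */
static void vulnerable_copy(struct frame *f, const unsigned char *src, size_t len)
{
    unsigned char *dst = (unsigned char *)f;   /* buf is at offset 0 */
    size_t i;
    if (len > sizeof *f)
        len = sizeof *f;
    for (i = 0; i < len; i++)
        dst[i] = src[i];
}

/* The hardened pattern: reject any input that does not fit in buf together
 * with its terminating NUL, so the saved registers are never reachable. */
static int safe_copy(struct frame *f, const unsigned char *src, size_t len)
{
    if (len >= sizeof f->buf)
        return -1;
    memcpy(f->buf, src, len);
    f->buf[len] = '\0';
    return 0;
}

/* Distance from the start of the buffer to the saved return address: the
 * padding an exploit must send before the address it wants the function to
 * "return" to. Here it follows from the layout; against a real binary it is
 * what a debugger or a cyclic pattern is used to find. */
static size_t ret_offset(void)
{
    return offsetof(struct frame, saved_ret) - offsetof(struct frame, buf);
}

/* Send padding followed by `target` (little-endian, as on x86) through the
 * unchecked copy and report what the saved return address became. */
static uint32_t run_overflow(uint32_t target)
{
    unsigned char payload[sizeof(struct frame)];
    struct frame f;
    size_t off = ret_offset();

    memset(payload, 'A', off);
    payload[off + 0] = (unsigned char)(target & 0xffu);
    payload[off + 1] = (unsigned char)((target >> 8) & 0xffu);
    payload[off + 2] = (unsigned char)((target >> 16) & 0xffu);
    payload[off + 3] = (unsigned char)((target >> 24) & 0xffu);

    init_frame(&f);
    vulnerable_copy(&f, payload, off + 4);
    return f.saved_ret;        /* now equals target: control flow hijacked */
}

/* Same oversized payload through the bounds-checked copy; the copy is
 * refused and the saved return address is reported unchanged. */
static uint32_t run_safe(void)
{
    unsigned char payload[sizeof(struct frame)];
    struct frame f;

    memset(payload, 'A', sizeof payload);
    init_frame(&f);
    (void)safe_copy(&f, payload, ret_offset() + 4);   /* returns -1: refused */
    return f.saved_ret;
}

int main(void)
{
    printf("return address sits %zu bytes past the buffer start\n", ret_offset());
    printf("after unchecked copy: saved_ret = 0x%08x\n", run_overflow(0xdeadbeefu));
    printf("after checked copy:   saved_ret = 0x%08x\n", run_safe());
    return 0;
}
```

Compiled and run, the program reports the saved return address replaced by 0xdeadbeef after the unchecked copy and still 0x00401000 after the checked one. The padding length returned by ret_offset() is the quantity an exploit against a real binary has to determine before it can place a chosen address over the return slot; the hardened copy removes the problem at its source by refusing any input the buffer cannot hold.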